Log check

#1 Post by xrobat »

Hello,
please check my log (significant slowdown in response time).
Thanks, Táborský

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by taborsky (administrator) on JIRKA on 22-03-2014 08:08:55
Running from C:\Documents and Settings\taborsky\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(ANSYS, Inc.) C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe
(SafeNet Inc.) C:\WINDOWS\system32\hasplms.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Hummingbird Ltd.) C:\WINDOWS\system32\Hummingbird\Connectivity\7.10\Jconfig\jconfigdnt.exe
(Ansys, Inc) C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe
(Hummingbird Ltd.) C:\WINDOWS\system32\Hummingbird\Connectivity\7.10\Jconfig\hjavaw.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Prolific Technology Inc.) C:\WINDOWS\system32\IoctlSvc.exe
() C:\WINDOWS\system32\PSIService.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Ansys, Inc.) C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe
() C:\Program Files\lucky leap\updateluckyleap.exe
(ANSYS, Inc.) C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_monitor.exe
(Flexera Software, Inc.) C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\lmgrd.exe
(ANSYS, Inc.) C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansyslmd.exe
() C:\Program Files\lucky leap\bin\utilluckyleap.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Pinnacle Systems GmbH) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
(HP) C:\Program Files\HP\HP LaserJet Professional CP1020 Series\HPCP1020STRAY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
(TechniSat Digital, S.A.) C:\Program Files\TechniSat DVB\bin\Server4PC.exe
(Lingea) C:\Program Files\Common Files\Lingea Shared\luc.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(TechniSat Digital, S.A.) C:\Program Files\TechniSat DVB\bin\Server4PC.exe
() C:\Program Files\DVBViewer TE2\TS_Winlirc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [16270848 2006-11-14] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SkyTel] - C:\WINDOWS\SkyTel.EXE [2879488 2006-05-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] - C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [JMB36X IDE Setup] - C:\WINDOWS\JM\JMInsIDE.exe [36864 2006-10-31] ()
HKLM\...\Run: [36X Raid Configurer] - C:\WINDOWS\system32\JMRaidSetup.exe [1953792 2006-11-17] (Gigabyte Technology Corp.)
HKLM\...\Run: [USBToolTip] - C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
HKLM\...\Run: [HP CP1020 System Tray] - C:\Program Files\HP\HP LaserJet Professional CP1020 Series\HPCP1020STRAY.EXE [2627384 2010-05-12] (HP)
HKLM\...\Run: [ISUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-18] (AVAST Software)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [XP_EOS] - C:\WINDOWS\system32\xp_eos.exe /r [13312 2014-02-27] (Microsoft Corporation)
HKU\S-1-5-21-1409082233-573735546-725345543-1010\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1409082233-573735546-725345543-1010\...\Run: [Google Update] - C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [116648 2012-07-23] (Google Inc.)
HKU\S-1-5-21-1409082233-573735546-725345543-1010\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\ColorPage-Vivid Pro II Detector.lnk
ShortcutTarget: ColorPage-Vivid Pro II Detector.lnk -> C:\WINDOWS\twain_32\VIVID\VIVID.EXE ()
Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\Sonic CinePlayer Quick Launch.lnk
ShortcutTarget: Sonic CinePlayer Quick Launch.lnk -> C:\Program Files\Common Files\Sonic Shared\cinetray.exe (Sonic Solutions)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Akcelerátor spuštění AutoCADu.lnk
ShortcutTarget: Akcelerátor spuštění AutoCADu.lnk -> C:\Program Files\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk
ShortcutTarget: InterVideo WinCinema Manager.lnk -> C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe ()
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\_OTM\MovedFiles\06222013_193924\C_Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (No File)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Server4PC.lnk
ShortcutTarget: Server4PC.lnk -> C:\Program Files\TechniSat DVB\bin\Server4PC.exe (TechniSat Digital, S.A.)
Startup: C:\Documents and Settings\ilona\Nabídka Start\Programy\Po spuštění\daemon.exe (DT Soft Ltd)
Startup: C:\Documents and Settings\taborsky\Nabídka Start\Programy\Po spuštění\Lingea Update Center.lnk
ShortcutTarget: Lingea Update Center.lnk -> C:\Program Files\Common Files\Lingea Shared\luc.exe (Lingea)
Startup: C:\Documents and Settings\taborsky\Nabídka Start\Programy\Po spuštění\Zástupce - openvpn-gui.lnk
ShortcutTarget: Zástupce - openvpn-gui.lnk -> C:\Program Files\OpenVPN\bin\openvpn-gui.exe ()

==================== Internet (Whitelisted) ====================

BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net ... plugin.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Program Files\VVD CAD Systems\urlmon.dll (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Program Files\VVD CAD Systems\urlmon.dll (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Program Files\VVD CAD Systems\urlmon.dll (Microsoft Corporation)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Program Files\VVD CAD Systems\urlmon.dll (Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Program Files\VVD CAD Systems\urlmon.dll (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Program Files\VVD CAD Systems\urlmon.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\Program Files\VVD CAD Systems\urlmon.dll (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Program Files\VVD CAD Systems\urlmon.dll (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Program Files\VVD CAD Systems\urlmon.dll (Microsoft Corporation)
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Program Files\VVD CAD Systems\urlmon.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1

FireFox:
========
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.69 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @thrixxx.com/WebLaunch - C:\Program Files\thriXXX\WebLaunch\Binaries\npWebLaunch.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @thrixxx.com/WebLaunch - C:\Program Files\thriXXX\WebLaunch\Binaries\npWebLaunch.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (DjVu Plugin Viewer) - C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Google\Chrome\Application\plugins\npdjvu.dll (Caminova, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Unity Player) - C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\WINDOWS\system32\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Peněženka Google) - C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\...\Chrome\Extension: [eiimolhnbbbdagljikeckdkldgemmmlj] - C:\Program Files\lucky leap\eiimolhnbbbdagljikeckdkldgemmmlj.crx [2013-08-22]
CHR HKLM\...\Chrome\Extension: [kkfggacklibaabdomphfdpcodjgihgon] - C:\Program Files\LSHunter.TV\stv10.crx [2013-08-22]
CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx [2013-08-22]

========================== Services (Whitelisted) =================

R2 ANSYS, Inc. License Manager; C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe [3949056 2012-09-24] (ANSYS, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-18] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [116776 2013-11-18] (AVAST Software)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1678672 2014-02-26] (LogMeIn Inc.)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4412872 2012-08-22] (SafeNet Inc.)
S4 HCLInetd; C:\WINDOWS\system32\Hummingbird\Connectivity\7.10\Inetd\inetd32.exe [32768 2001-07-26] (Hummingbird Ltd.)
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [142336 2010-04-12] (HP)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
R2 Jconfigd; C:\WINDOWS\system32\Hummingbird\Connectivity\7.10\Jconfig\jconfigdnt.exe [28672 2001-07-23] (Hummingbird Ltd.)
R2 JobManagerService110; C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe [20480 2007-09-20] (Ansys, Inc)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-02-26] (LogMeIn, Inc.)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [16384 2006-10-01] ()
S2 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH)
R2 ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [174656 2006-11-02] ()
R2 ScriptHostService110; C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe [20480 2007-09-20] (Ansys, Inc.)
R2 Update lucky leap; C:\Program Files\lucky leap\updateluckyleap.exe [348448 2014-03-21] ()
R2 Util lucky leap; C:\Program Files\lucky leap\bin\utilluckyleap.exe [348448 2014-03-21] ()
S2 Flexlm Service 1; C:\flexlm\lmgrd.exe [X]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 aksfridge; C:\WINDOWS\System32\DRIVERS\aksfridge.sys [365056 2012-08-07] (SafeNet Inc.)
S3 akshasp; C:\WINDOWS\System32\DRIVERS\akshasp.sys [238208 2012-06-15] (Aladdin Knowledge Systems Ltd.)
S3 akshhl; C:\WINDOWS\System32\DRIVERS\akshhl.sys [46720 2012-06-15] (SafeNet Inc.)
S3 aksusb; C:\WINDOWS\System32\DRIVERS\aksusb.sys [289152 2012-06-15] (SafeNet Inc.)
R1 as6eio; C:\WINDOWS\System32\drivers\as6eio.SYS [3616 1997-12-08] ()
R2 aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [35656 2013-11-18] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26136 2013-11-18] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2013-11-18] (AVAST Software)
R0 aswNdis; C:\WINDOWS\System32\DRIVERS\aswNdis.sys [12112 2013-11-18] (ALWIL Software)
R0 aswNdis2; C:\WINDOWS\system32\Drivers\aswNdis2.sys [247192 2013-11-18] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2013-11-18] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2013-10-17] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [774392 2013-11-18] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [403440 2013-11-08] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2013-11-18] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [178304 2013-10-17] ()
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-05-20] (AVG Technologies)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 Cinemsup; C:\WINDOWS\system32\Drivers\Cinemsup.sys [6656 2002-07-19] (Sonic Solutions)
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2009-03-31] ()
S3 gdrv; C:\WINDOWS\gdrv.sys [14656 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [596424 2011-08-10] (SafeNet Inc.)
R2 Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys [47616 2008-10-24] (Aladdin Knowledge Systems)
R0 JGOGO; C:\WINDOWS\System32\DRIVERS\JGOGO.sys [6912 2006-02-08] (JMicron )
R0 JRAID; C:\WINDOWS\System32\DRIVERS\jraid.sys [43648 2006-11-21] (JMicron Technology Corp.)
R3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus.sys [171520 2007-01-04] (Pinnacle Systems GmbH)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 ppsio2; C:\WINDOWS\system32\Drivers\ppsio2.sys [22400 1999-04-02] ()
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology)
R3 SKYNET; C:\WINDOWS\System32\DRIVERS\SkyNET.SYS [507408 2009-09-11] (TechniSat Digital, S.A.)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [717296 2008-10-10] ()
S3 ss_bbus; C:\WINDOWS\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)
S3 ss_bmdfl; C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)
S3 ss_bmdm; C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)
R3 tap0801; C:\WINDOWS\System32\DRIVERS\tap0801.sys [26624 2006-10-01] (The OpenVPN Project)
S3 XXLHASP; c:\windows\system32\drivers\XXLHASP.sys [821248 2010-03-01] ()
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [250496 2006-11-22] (Marvell)
U3 az1fsr21; C:\WINDOWS\system32\Drivers\az1fsr21.sys [0 ] (Microsoft Corporation)
S3 CrystalSysInfo; \??\c:\Program Files\MediaCoder Mobile Phone Edition\SysInfo.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-22 08:08 - 2014-03-22 08:09 - 00023759 _____ () C:\Documents and Settings\taborsky\Plocha\FRST.txt
2014-03-22 08:08 - 2014-03-22 08:08 - 00000000 ____D () C:\FRST
2014-03-22 08:02 - 2014-03-22 07:57 - 01145856 _____ (Farbar) C:\Documents and Settings\taborsky\Plocha\FRST.exe
2014-03-22 08:02 - 2013-10-17 22:47 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\taborsky\Plocha\FRSTLauncher.exe
2014-03-22 07:07 - 2014-03-22 07:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-22 07:05 - 2014-03-22 07:07 - 00004247 _____ () C:\WINDOWS\KB2934207.log
2014-03-22 07:05 - 2014-03-22 07:05 - 00000000 ____D () C:\WINDOWS\LastGood
2014-03-22 06:58 - 2014-02-27 00:28 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-03-22 06:58 - 2014-02-27 00:28 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-03-21 18:44 - 2014-03-21 18:44 - 00000644 _____ () C:\Documents and Settings\All Users\Plocha\iLivid.lnk
2014-03-21 18:40 - 2014-03-21 18:41 - 00000000 ____D () C:\Documents and Settings\taborsky\Data aplikací\.technic
2014-03-19 21:39 - 2014-03-19 21:39 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-03-19 21:39 - 2014-03-19 21:39 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
2014-03-19 21:39 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-03-19 21:39 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-03-19 21:39 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-03-19 21:39 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-03-19 21:39 - 2013-12-18 20:46 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-03-19 21:38 - 2014-03-19 21:39 - 00005724 _____ () C:\WINDOWS\system32\jupdate-1.7.0_51-b13.log
2014-03-16 21:34 - 2014-03-16 21:34 - 00000403 _____ () C:\WINDOWS\wmsetup.log
2014-03-16 21:10 - 2014-03-16 21:12 - 00000698 _____ () C:\Documents and Settings\taborsky\Plocha\kubil server.lnk
2014-03-16 21:10 - 2014-03-16 21:11 - 00000727 _____ () C:\Documents and Settings\taborsky\Plocha\supercraft server.lnk
2014-03-15 00:26 - 2014-03-15 00:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-15 00:26 - 2014-03-15 00:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-14 18:09 - 2014-03-15 00:27 - 00226303 _____ () C:\WINDOWS\KB2925418-IE7.log
2014-03-14 18:07 - 2014-03-15 00:26 - 00127606 _____ () C:\WINDOWS\KB2929961.log
2014-03-14 18:05 - 2014-03-15 00:26 - 00130892 _____ () C:\WINDOWS\KB2930275.log
2014-03-07 18:40 - 2014-03-14 19:00 - 00002283 _____ () C:\Documents and Settings\All Users\Plocha\Skype.lnk
2014-03-07 18:40 - 2014-03-07 18:40 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-07 18:40 - 2014-03-07 18:40 - 00000000 ____D () C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Skype
2014-03-07 18:40 - 2014-03-07 18:40 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
2014-03-02 15:57 - 2014-03-02 15:57 - 00098304 _____ () C:\WINDOWS\Minidump\Mini030214-01.dmp
2014-03-01 09:45 - 2014-03-01 09:45 - 00098304 _____ () C:\WINDOWS\Minidump\Mini030114-01.dmp
2014-02-27 20:17 - 2014-02-27 20:17 - 00000696 _____ () C:\Documents and Settings\All Users\Plocha\LogMeIn Hamachi.lnk
2014-02-27 20:17 - 2014-02-27 20:17 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-02-27 20:17 - 2014-02-27 20:17 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\LogMeIn Hamachi
2014-02-25 18:10 - 2014-02-25 18:10 - 00000000 ____D () C:\Documents and Settings\LocalService\Data aplikací\Adobe
2014-02-25 18:09 - 2014-02-25 18:09 - 00000000 ____D () C:\Documents and Settings\LocalService\Data aplikací\AVAST Software

==================== One Month Modified Files and Folders =======

2014-03-22 08:09 - 2014-03-22 08:08 - 00023759 _____ () C:\Documents and Settings\taborsky\Plocha\FRST.txt
2014-03-22 08:08 - 2014-03-22 08:08 - 00000000 ____D () C:\FRST
2014-03-22 08:08 - 2010-12-20 01:26 - 00000000 ____D () C:\Documents and Settings\taborsky\Plocha
2014-03-22 08:07 - 2008-10-10 19:12 - 00007619 _____ () C:\WINDOWS\WINCMD.INI
2014-03-22 08:00 - 2010-12-26 21:40 - 00000000 ____D () C:\Documents and Settings\taborsky\Data aplikací\Skype
2014-03-22 07:57 - 2014-03-22 08:02 - 01145856 _____ (Farbar) C:\Documents and Settings\taborsky\Plocha\FRST.exe
2014-03-22 07:43 - 2013-10-21 20:53 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-22 07:35 - 2013-12-04 22:23 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-22 07:13 - 2014-01-22 19:47 - 00001038 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-573735546-725345543-1010UA.job
2014-03-22 07:07 - 2014-03-22 07:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-22 07:07 - 2014-03-22 07:05 - 00004247 _____ () C:\WINDOWS\KB2934207.log
2014-03-22 07:07 - 2013-11-14 03:08 - 00126414 _____ () C:\WINDOWS\iis6.log
2014-03-22 07:07 - 2013-11-14 03:08 - 00117472 _____ () C:\WINDOWS\FaxSetup.log
2014-03-22 07:07 - 2013-11-14 03:08 - 00056164 _____ () C:\WINDOWS\ocgen.log
2014-03-22 07:07 - 2013-11-14 03:08 - 00053580 _____ () C:\WINDOWS\tsoc.log
2014-03-22 07:07 - 2013-11-14 03:08 - 00038814 _____ () C:\WINDOWS\comsetup.log
2014-03-22 07:07 - 2013-11-14 03:08 - 00036550 _____ () C:\WINDOWS\msmqinst.log
2014-03-22 07:07 - 2013-11-14 03:08 - 00023526 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-22 07:07 - 2013-11-14 03:08 - 00020577 _____ () C:\WINDOWS\netfxocm.log
2014-03-22 07:07 - 2013-11-14 03:08 - 00008075 _____ () C:\WINDOWS\MedCtrOC.log
2014-03-22 07:07 - 2013-11-14 03:08 - 00007334 _____ () C:\WINDOWS\ocmsn.log
2014-03-22 07:07 - 2013-11-14 03:08 - 00005909 _____ () C:\WINDOWS\tabletoc.log
2014-03-22 07:07 - 2013-11-14 03:08 - 00005871 _____ () C:\WINDOWS\msgsocm.log
2014-03-22 07:07 - 2013-11-14 03:08 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-22 07:07 - 2008-10-09 21:57 - 01411252 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-22 07:05 - 2014-03-22 07:05 - 00000000 ____D () C:\WINDOWS\LastGood
2014-03-22 07:02 - 2013-11-13 16:30 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-03-22 06:59 - 2013-08-07 12:53 - 00000000 ____D () C:\Documents and Settings\taborsky\Local Settings\Data aplikací\LogMeIn Hamachi
2014-03-22 06:59 - 2013-08-07 12:53 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
2014-03-22 06:57 - 2013-12-04 22:23 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-22 06:57 - 2004-08-18 13:00 - 00013678 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-22 06:56 - 2008-10-17 00:15 - 00000434 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-03-22 06:56 - 2008-10-09 23:50 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-22 06:56 - 2008-10-09 23:50 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-22 06:56 - 2008-10-09 22:01 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-22 06:55 - 2013-10-26 16:45 - 00000000 ____D () C:\Program Files\lucky leap
2014-03-21 23:35 - 2008-10-09 22:01 - 00032584 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-21 23:34 - 2010-12-20 01:26 - 00000178 ___SH () C:\Documents and Settings\taborsky\ntuser.ini
2014-03-21 23:34 - 2010-12-20 01:26 - 00000000 ____D () C:\Documents and Settings\taborsky
2014-03-21 20:33 - 2013-04-08 18:33 - 00000000 ____D () C:\Documents and Settings\taborsky\Data aplikací\.minecraft
2014-03-21 19:14 - 2014-01-22 19:47 - 00000986 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-573735546-725345543-1010Core.job
2014-03-21 18:44 - 2014-03-21 18:44 - 00000644 _____ () C:\Documents and Settings\All Users\Plocha\iLivid.lnk
2014-03-21 18:44 - 2010-12-20 01:26 - 00000000 ___HD () C:\Documents and Settings\taborsky\Local Settings\Data aplikací
2014-03-21 18:44 - 2008-10-09 23:47 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-03-21 18:41 - 2014-03-21 18:40 - 00000000 ____D () C:\Documents and Settings\taborsky\Data aplikací\.technic
2014-03-21 18:40 - 2010-12-20 01:26 - 00000000 __RHD () C:\Documents and Settings\taborsky\Data aplikací
2014-03-19 21:39 - 2014-03-19 21:39 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-03-19 21:39 - 2014-03-19 21:39 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
2014-03-19 21:39 - 2014-03-19 21:38 - 00005724 _____ () C:\WINDOWS\system32\jupdate-1.7.0_51-b13.log
2014-03-19 21:39 - 2009-09-04 22:49 - 00000000 ____D () C:\Program Files\Java
2014-03-19 21:39 - 2008-10-09 23:47 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-03-18 23:50 - 2010-12-26 01:09 - 00000000 __SHD () C:\Documents and Settings\taborsky\Data aplikací\.#
2014-03-18 20:19 - 2013-08-14 21:36 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-18 20:15 - 2008-10-16 22:33 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-17 22:43 - 2010-12-27 09:46 - 00000000 ____D () C:\Documents and Settings\taborsky\Data aplikací\Corel
2014-03-17 21:47 - 2008-10-12 21:30 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty\My PSP Files
2014-03-17 21:47 - 2008-10-12 21:19 - 00003140 ___SH () C:\WINDOWS\system32\KGyGaAvL.sys
2014-03-16 21:34 - 2014-03-16 21:34 - 00000403 _____ () C:\WINDOWS\wmsetup.log
2014-03-16 21:12 - 2014-03-16 21:10 - 00000698 _____ () C:\Documents and Settings\taborsky\Plocha\kubil server.lnk
2014-03-16 21:11 - 2014-03-16 21:10 - 00000727 _____ () C:\Documents and Settings\taborsky\Plocha\supercraft server.lnk
2014-03-15 08:08 - 2010-02-17 20:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 08:08 - 2008-10-09 23:45 - 00330688 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-15 00:27 - 2014-03-14 18:09 - 00226303 _____ () C:\WINDOWS\KB2925418-IE7.log
2014-03-15 00:27 - 2013-11-14 03:08 - 00037526 _____ () C:\WINDOWS\updspapi.log
2014-03-15 00:27 - 2013-11-14 03:08 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-15 00:26 - 2014-03-15 00:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-15 00:26 - 2014-03-15 00:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-15 00:26 - 2014-03-14 18:07 - 00127606 _____ () C:\WINDOWS\KB2929961.log
2014-03-15 00:26 - 2014-03-14 18:05 - 00130892 _____ () C:\WINDOWS\KB2930275.log
2014-03-15 00:26 - 2009-05-26 21:41 - 00000000 ____D () C:\WINDOWS\ie7updates
2014-03-15 00:24 - 2010-06-05 08:37 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Silverlight
2014-03-14 19:00 - 2014-03-07 18:40 - 00002283 _____ () C:\Documents and Settings\All Users\Plocha\Skype.lnk
2014-03-11 21:57 - 2012-04-26 19:03 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-11 21:57 - 2011-07-08 20:05 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-11 00:28 - 2012-08-17 21:09 - 00002347 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader X.lnk
2014-03-10 19:25 - 2010-12-20 01:27 - 00000000 ___RD () C:\Documents and Settings\taborsky\Dokumenty\Obrázky
2014-03-10 19:05 - 2011-01-15 21:07 - 00000000 ____D () C:\Documents and Settings\taborsky\Dokumenty\Filmy
2014-03-07 18:40 - 2014-03-07 18:40 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-07 18:40 - 2014-03-07 18:40 - 00000000 ____D () C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Skype
2014-03-07 18:40 - 2014-03-07 18:40 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
2014-03-07 18:40 - 2013-02-10 09:37 - 00000000 ___RD () C:\Program Files\Skype
2014-03-07 18:40 - 2008-10-10 19:31 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Skype
2014-03-06 01:19 - 2009-11-14 13:02 - 00015621 _____ () C:\WINDOWS\VVD.INI
2014-03-06 01:19 - 2009-11-14 13:01 - 00000314 _____ () C:\WINDOWS\CADCNTRL.INI
2014-03-06 01:18 - 2013-11-14 22:02 - 00002121 _____ () C:\Documents and Settings\All Users\Plocha\Visual Vessel Design 13.lnk
2014-03-02 15:57 - 2014-03-02 15:57 - 00098304 _____ () C:\WINDOWS\Minidump\Mini030214-01.dmp
2014-03-02 15:57 - 2009-01-03 16:46 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-02 14:38 - 2014-01-27 20:25 - 00002160 _____ () C:\Documents and Settings\taborsky\Plocha\Minecraft.lnk
2014-03-02 14:04 - 2013-10-26 19:08 - 00000000 ____D () C:\Documents and Settings\taborsky\minecraft
2014-03-01 09:52 - 2008-10-11 17:29 - 00000143 _____ () C:\WINDOWS\NeroDigital.ini
2014-03-01 09:45 - 2014-03-01 09:45 - 00098304 _____ () C:\WINDOWS\Minidump\Mini030114-01.dmp
2014-02-27 20:18 - 2013-11-07 21:09 - 00023142 _____ () C:\WINDOWS\setupapi.log
2014-02-27 20:17 - 2014-02-27 20:17 - 00000696 _____ () C:\Documents and Settings\All Users\Plocha\LogMeIn Hamachi.lnk
2014-02-27 20:17 - 2014-02-27 20:17 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-02-27 20:17 - 2014-02-27 20:17 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\LogMeIn Hamachi
2014-02-27 00:28 - 2014-03-22 06:58 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-02-27 00:28 - 2014-03-22 06:58 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-02-25 18:10 - 2014-02-25 18:10 - 00000000 ____D () C:\Documents and Settings\LocalService\Data aplikací\Adobe
2014-02-25 18:10 - 2008-10-09 22:01 - 00000000 ____D () C:\Documents and Settings\LocalService\Data aplikací
2014-02-25 18:09 - 2014-02-25 18:09 - 00000000 ____D () C:\Documents and Settings\LocalService\Data aplikací\AVAST Software
2014-02-24 20:41 - 2008-10-20 17:12 - 00000349 _____ () C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI

Some content of TEMP:
====================
C:\Documents and Settings\taborsky\Local Settings\Temp\BackupSetup.exe
C:\Documents and Settings\taborsky\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\taborsky\Local Settings\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Documents and Settings\taborsky\Local Settings\Temp\Uninstall.exe
C:\Documents and Settings\taborsky\Local Settings\Temp\vcredist_x86.exe
C:\Documents and Settings\taborsky\Local Settings\Temp\{77BAC5D5-B3F6-422F-B71A-7377F99E1294}-33.0.1750.146_33.0.1750.117_chrome_updater.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2004-08-18 13:00] - [2008-04-14 04:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\WINDOWS\system32\winlogon.exe
[2004-08-18 13:00] - [2008-04-14 04:22] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\WINDOWS\system32\svchost.exe
[2004-08-18 13:00] - [2008-04-14 04:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\WINDOWS\system32\services.exe
[2004-08-18 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\WINDOWS\system32\User32.dll
[2004-08-18 13:00] - [2008-04-14 04:22] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\WINDOWS\system32\userinit.exe
[2004-08-18 13:00] - [2008-04-14 04:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys
[2004-08-18 13:00] - [2008-04-14 03:12] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================
Attachments
Addition.zip
(12.43 KiB) Downloaded 45 times

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Log check

#2 Post by Márty84 »

Hello :)

Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Run it.
Click Scan and wait until the scan finishes.
Then click Clean.
The program will start working (the PC may restart) and will spit out a log (otherwise it will be at C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Re: Log check

#3 Post by xrobat »

# AdwCleaner v3.022 - Report created 22/03/2014 at 08:52:53
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : taborsky - JIRKA
# Running from : C:\Documents and Settings\taborsky\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Update lucky leap
[#] Service Deleted : Util lucky leap

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\lucky leap
Folder Deleted : C:\Program Files\MyPC Backup
[!] Folder Deleted : C:\Documents and Settings\ilona\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\kkfggacklibaabdomphfdpcodjgihgon
[!] Folder Deleted : C:\Documents and Settings\ilona\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
File Deleted : C:\Documents and Settings\All Users\Plocha\iLivid.lnk
File Deleted : C:\DOCUME~1\taborsky\LOCALS~1\Temp\Uninstall.exe

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kkfggacklibaabdomphfdpcodjgihgon
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\MyPC Backup
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32}
Key Deleted : HKCU\Software\lucky leap
Key Deleted : HKLM\Software\lucky leap
Key Deleted : HKLM\Software\Speedchecker Limited
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lucky leap
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\lucky leap

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.21371


-\\ Mozilla Firefox v

[ File : C:\Documents and Settings\taborsky\Data aplikací\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\ilona\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R1].txt - [2960 octets] - [22/03/2014 08:51:37]
AdwCleaner[S1].txt - [2953 octets] - [22/03/2014 08:52:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3013 octets] ##########

Re: Log check

#4 Post by Márty84 »

Run a !!!full!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

Re: Log check

#5 Post by xrobat »

Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Verze: v2014.03.22.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
taborsky :: JIRKA [administrátor]

22. 3. 2014 13:20:44
MBAM-log-2014-03-22 (17-35-25).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 852784
Uplynulý čas: 4 hodin, 14 minut, 7 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 60
C:\AdwCleaner\Quarantine\C\Program Files\lucky leap\updateluckyleap.exe.vir (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\lucky leap\bin\utilluckyleap.exe.vir (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\All Users\Data aplikací\YTD YouTube Downloader & Converter\ytd_installer.exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\taborsky\Dokumenty\Downloads\lshunterApp_Install33.exe (PUP.BundleInstaller.DW) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\taborsky\Dokumenty\Downloads\lshunterApp_setup(47c42).exe (PUP.BundleInstaller.DW) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\taborsky\Dokumenty\Downloads\4shared_Desktop_4.0.1c.exe (PUP.Optional.4Shared) -> Nebyla provedena žádná instrukce.
C:\Program Files\Autodesk\MDT 2007\slidelib.exe (Trojan.KillAV) -> Nebyla provedena žádná instrukce.
C:\Program Files\Techland\Xpand Rally\ChromeEngine2.dll (Trojan.PolyCrypt.Gen) -> Nebyla provedena žádná instrukce.
C:\Program Files\ICQ7.4\upgrade\2dcd1d63cb45e6613582211c3d5f4b23 (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Program Files\ICQ7.4\upgrade\53e83dd5315bfb1f928441c9b4618b68 (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\RECYCLER\S-1-5-21-1409082233-573735546-725345543-1010\Dc39.exe (PUP.Optional.Bandoo) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP35\A0011445.dll (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP48\A0014191.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP48\A0014205.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP50\A0014639.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP50\A0014660.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP53\A0015056.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP53\A0015063.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP55\A0015811.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP55\A0015870.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP56\A0017003.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP56\A0017057.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP59\A0017519.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP60\A0017590.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP62\A0018052.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP62\A0018120.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP62\A0018177.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP62\A0018204.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP64\A0018591.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP64\A0018620.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP70\A0022370.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP70\A0022382.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP72\A0022958.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP72\A0022959.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP72\A0022982.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP72\A0022995.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP73\A0023067.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP73\A0023068.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP74\A0023607.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP75\A0023692.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP75\A0023735.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP76\A0023927.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP76\A0023962.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP78\A0024048.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{3F709DAD-59C7-4FAB-AB31-ED5A069CDC66}\RP78\A0024052.exe (PUP.Optional.LuckyLeap.A) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\msthkqn\msthkqn.exe (BitcoinMiner) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\ServicePackFiles\i386\fp40ext.cab (Trojan.FakeMS) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\ServicePackFiles\i386\cfgwiz.exe (Trojan.FakeMS) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\$NtServicePackUninstall$\cfgwiz.exe (Trojan.FakeMS) -> Nebyla provedena žádná instrukce.
D:\install\pwdremover.exe (PSWTool.PdfCracker) -> Nebyla provedena žádná instrukce.
D:\install\YTDSetup.exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
D:\install\JDownloader 0.7\downloads\FinePrint.PdfFactory.Pro.v4.64.Incl.Keymaker-ZWT.rar (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
D:\install\JDownloader 0.7\downloads\FinePrint_PdfFactory_Pro_4.75.rar (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
D:\install\relax\3DSexVilla[1].v33\3DSexVilla.33\Launcher\fc3DSexVillaRun.exe (Trojan.PWS.OnlineGames) -> Nebyla provedena žádná instrukce.
D:\install\Corel WinDVD Pro 2010\Corel WinDVD Pro 2010\CORE10k.EXE (PUP.Keygen.Intro) -> Nebyla provedena žádná instrukce.
D:\install\VSO ConvertXToDVD 2.2.3.258\Patch.exe (PUP.Hacktool.Patcher) -> Nebyla provedena žádná instrukce.
D:\home\relax\3DSexVilla[1].v33\3DSexVilla.33\Launcher\fc3DSexVillaRun.exe (Trojan.PWS.OnlineGames) -> Nebyla provedena žádná instrukce.
D:\home\relax\3DSVv34\Launcher\fc3DSexVillaRun.exe (Trojan.PWS.OnlineGames) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\ilona\Data aplikací\wiaserva.log (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\ntvdm.inf (Malware.Trace) -> Nebyla provedena žádná instrukce.

(konec)

Re: Log check

#6 Post by Márty84 »

Proceed exactly in this order.
1) Do not close MBAM, just minimize it.
2) Delete/turn off the creation of restore points http://forum.viry.cz/viewtopic.php?f=46&t=47040 , but do not restart the PC.
3) Now let MBAM remove the findings and restart the PC.
4) Run a new scan with MBAM and post the results here.

Re: Log check

#7 Post by xrobat »

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.03.22.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
taborsky :: JIRKA [administrátor]

22. 3. 2014 19:07:23
MBAM-log-2014-03-22 (23-06-43).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 843273
Uplynulý čas: 3 hodin, 16 minut, 48 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
D:\install\Corel WinDVD Pro 2010\Corel WinDVD Pro 2010\CORE10k.EXE (PUP.Keygen.Intro) -> Nebyla provedena žádná instrukce.
D:\install\VSO ConvertXToDVD 2.2.3.258\Patch.exe (PUP.Hacktool.Patcher) -> Nebyla provedena žádná instrukce.

(konec)

Re: Log check

#8 Post by Márty84 »

Let the findings be removed, then uninstall MBAM.

If you have not done so already, turn restore point creation back on.


If Avast yells that it wants to open it in the sandbox, do not allow it! Choose the option Otevrit normalne (Open normally).
Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , save it to your desktop and run it.
A very short test will run and then the Prohledat (Scan) button at the top right will become available. Click it and another test will run.
When it finishes, click Zprava (Report) and a log will appear. Paste it here for me.

Re: Log check

#9 Post by xrobat »

RogueKiller V8.8.12 [Mar 20 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : taborsky [Práva správce]
Mód : Kontrola -- Datum : 03/22/2014 23:41:34
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Run : SkyTel (SkyTel.EXE [7]) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 10 ¤¤¤
[Administrator][SUSP UNIC] ColorPage-Vivid Pro II Detector.lnk : C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\ColorPage-Vivid Pro II Detector.lnk @C:\WINDOWS\twain_32\VIVID\VIVID.EXE [-][-] -> NALEZENO
[Administrator][SUSP UNIC] Sonic CinePlayer Quick Launch.lnk : C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\Sonic CinePlayer Quick Launch.lnk @C:\PROGRA~1\COMMON~1\SONICS~1\cinetray.exe [-][-] -> NALEZENO
[All Users][SUSP UNIC] Akcelerátor spuštění AutoCADu.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Akcelerátor spuštění AutoCADu.lnk @C:\PROGRA~1\COMMON~1\AUTODE~1\ACSTAR~1.EXE [-][7] -> NALEZENO
[All Users][SUSP UNIC] InterVideo WinCinema Manager.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk @C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [-][-] -> NALEZENO
[All Users][SUSP PATH] McAfee Security Scan Plus.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk @C:\_OTM\MovedFiles\06222013_193924\C_Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe [-][x][-][x] -> NALEZENO
[All Users][SUSP UNIC] Microsoft Office.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk @C:\PROGRA~1\MICROS~2\Office\OSA9.EXE -b -l [-][-] -> NALEZENO
[All Users][SUSP UNIC] Server4PC.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Server4PC.lnk @C:\PROGRA~1\TECHNI~1\bin\SERVER~1.EXE [-][7] -> NALEZENO
[ilona][SUSP UNIC] daemon.exe : C:\Documents and Settings\ilona\Nabídka Start\Programy\Po spuštění\daemon.exe [7] -> NALEZENO
[taborsky][SUSP UNIC] Lingea Update Center.lnk : C:\Documents and Settings\taborsky\Nabídka Start\Programy\Po spuštění\Lingea Update Center.lnk @C:\PROGRA~1\COMMON~1\LINGEA~1\luc.exe [-][7] -> NALEZENO
[taborsky][SUSP UNIC] Zástupce - openvpn-gui.lnk : C:\Documents and Settings\taborsky\Nabídka Start\Programy\Po spuštění\Zástupce - openvpn-gui.lnk @C:\PROGRA~1\OpenVPN\bin\OPENVP~1.EXE [-][-] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD2500YS-01SHB1 +++++
--- User ---
[MBR] 3878b5504f4b061f240e0d0ead2e90a7
[BSP] dc66bd2b98c4dca3fdf6c7b791bc6662 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 239359 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD4000AAKS-00TMA0 +++++
--- User ---
[MBR] 1a2e1fc33c5e22187c5d0649ed644ff9
[BSP] b951a6d4eb0aa4460426d91853890608 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 381543 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic USB SD Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) Generic USB CF Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ USB) Generic USB SM Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive5: (\\.\PHYSICALDRIVE5 @ USB) Generic USB MS Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive6: (\\.\PHYSICALDRIVE6 @ USB) Samsung G2 Portable USB Device +++++
--- User ---
[MBR] 71c4d9bb1022dff63de8674a16025a12
[BSP] 3ebb6b9f30f9d8d3127ef860b5ee152d : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 64 | Size: 476937 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_S_03222014_234134.txt >>

Re: Log check

#10 Post by Márty84 »

Run RogueKiller again (if you have not closed it yet, click Smazat (Delete) right away).
A very short test will run and then the Prohledat (Scan) button at the top right will become available. Click it and another test will run.
When it finishes, click Smazat (Delete).
Then click Zprava (Report) and a log will appear. Paste it here for me.
Then click Oprava Host (Fix Hosts) and Zprava (Report).
Another log will appear. Paste that one here for me as well.

Re: Log check

#11 Post by xrobat »

RogueKiller V8.8.12 [Mar 20 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : taborsky [Práva správce]
Mód : Odebrat -- Datum : 03/23/2014 09:48:26
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Run : SkyTel (SkyTel.EXE [7]) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 10 ¤¤¤
[Administrator][SUSP UNIC] ColorPage-Vivid Pro II Detector.lnk : C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\ColorPage-Vivid Pro II Detector.lnk @C:\WINDOWS\twain_32\VIVID\VIVID.EXE [-][-] -> VYMAZÁNO
[Administrator][SUSP UNIC] Sonic CinePlayer Quick Launch.lnk : C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\Sonic CinePlayer Quick Launch.lnk @C:\PROGRA~1\COMMON~1\SONICS~1\cinetray.exe [-][-] -> VYMAZÁNO
[All Users][SUSP UNIC] Akcelerátor spuštění AutoCADu.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Akcelerátor spuštění AutoCADu.lnk @C:\PROGRA~1\COMMON~1\AUTODE~1\ACSTAR~1.EXE [-][7] -> VYMAZÁNO
[All Users][SUSP UNIC] InterVideo WinCinema Manager.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk @C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [-][-] -> VYMAZÁNO
[All Users][SUSP PATH] McAfee Security Scan Plus.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk @C:\_OTM\MovedFiles\06222013_193924\C_Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe [-][x][-][x] -> VYMAZÁNO
[All Users][SUSP UNIC] Microsoft Office.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk @C:\PROGRA~1\MICROS~2\Office\OSA9.EXE -b -l [-][-] -> VYMAZÁNO
[All Users][SUSP UNIC] Server4PC.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Server4PC.lnk @C:\PROGRA~1\TECHNI~1\bin\SERVER~1.EXE [-][7] -> VYMAZÁNO
[ilona][SUSP UNIC] daemon.exe : C:\Documents and Settings\ilona\Nabídka Start\Programy\Po spuštění\daemon.exe [7] -> VYMAZÁNO
[taborsky][SUSP UNIC] Lingea Update Center.lnk : C:\Documents and Settings\taborsky\Nabídka Start\Programy\Po spuštění\Lingea Update Center.lnk @C:\PROGRA~1\COMMON~1\LINGEA~1\luc.exe [-][7] -> VYMAZÁNO
[taborsky][SUSP UNIC] Zástupce - openvpn-gui.lnk : C:\Documents and Settings\taborsky\Nabídka Start\Programy\Po spuštění\Zástupce - openvpn-gui.lnk @C:\PROGRA~1\OpenVPN\bin\OPENVP~1.EXE [-][-] -> VYMAZÁNO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD2500YS-01SHB1 +++++
--- User ---
[MBR] 3878b5504f4b061f240e0d0ead2e90a7
[BSP] dc66bd2b98c4dca3fdf6c7b791bc6662 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 239359 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD4000AAKS-00TMA0 +++++
--- User ---
[MBR] 1a2e1fc33c5e22187c5d0649ed644ff9
[BSP] b951a6d4eb0aa4460426d91853890608 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 381543 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic USB SD Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) Generic USB CF Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ USB) Generic USB SM Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive5: (\\.\PHYSICALDRIVE5 @ USB) Generic USB MS Reader USB Device +++++
Error reading User MBR! ([0x15] Za?ízení není p?ipraveno. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive6: (\\.\PHYSICALDRIVE6 @ USB) Samsung G2 Portable USB Device +++++
--- User ---
[MBR] 71c4d9bb1022dff63de8674a16025a12
[BSP] 3ebb6b9f30f9d8d3127ef860b5ee152d : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 64 | Size: 476937 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive7: (\\.\PHYSICALDRIVE7 @ USB) WD Elements 1023 USB Device +++++
--- User ---
[MBR] ef198710b2854d75bc69122f844ae88a
[BSP] 56603e28155608fe0a3aad4451f0e722 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953866 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_D_03232014_094826.txt >>
RKreport[0]_S_03222014_234134.txt;RKreport[0]_S_03232014_094352.txt

xrobat
Visitor
Posts: 62
Registered: 22 Jun 2013 09:56

Re: Log check

#12 Post by xrobat »

RogueKiller V8.8.12 [Mar 20 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : taborsky [Práva správce]
Mód : Oprava HOSTS -- Datum : 03/23/2014 09:50:47
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_03232014_095047.txt >>
RKreport[0]_D_03232014_094826.txt;RKreport[0]_S_03222014_234134.txt;RKreport[0]_S_03232014_094352.txt

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Log check

#13 Post by Márty84 »


xrobat
Visitor
Posts: 62
Registered: 22 Jun 2013 09:56

Re: Log check

#14 Post by xrobat »

Logfile of random's system information tool 1.09 (written by random/random)
Run by taborsky at 2014-03-23 11:47:22
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 21 GB (9%) free of 239 GB
Total RAM: 1022 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:47:42, on 23. 3. 2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21371)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\Hummingbird\Connectivity\7.10\Jconfig\jconfigdnt.exe
C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe
C:\WINDOWS\system32\Hummingbird\Connectivity\7.10\Jconfig\hjavaw.exe
C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files\Java\jre7\bin\javaw.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_monitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
C:\Program Files\HP\HP LaserJet Professional CP1020 Series\HPCP1020STRAY.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\lmgrd.exe
C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansyslmd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Common Files\Lingea Shared\luc.exe
C:\Program Files\OpenVPN\bin\openvpn-gui.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\DVBViewer TE2\TS_Winlirc.exe
C:\Documents and Settings\taborsky\Plocha\RogueKiller.exe
C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Documents and Settings\taborsky\Plocha\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\taborsky.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [HP CP1020 System Tray] "C:\Program Files\HP\HP LaserJet Professional CP1020 Series\HPCP1020STRAY.EXE"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ANSYS, Inc. License Manager - ANSYS, Inc. - C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Flexlm Service 1 - Unknown owner - C:\flexlm\lmgrd.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Sentinel Local License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Hummingbird Jconfig Daemon (Jconfigd) - Hummingbird Ltd. - C:\WINDOWS\system32\Hummingbird\Connectivity\7.10\Jconfig\jconfigdnt.exe
O23 - Service: Ansys JobManager Service V11 (JobManagerService110) - Ansys, Inc - C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Ansys ScriptHost Service V11 (ScriptHostService110) - Ansys, Inc. - C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 11592 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-573735546-725345543-1010Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-573735546-725345543-1010UA.job
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2013-12-18 68480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-10-17 606544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-15 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2013-10-10 1001936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-10-17 606544]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-15 194128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-11-14 16270848]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"JMB36X IDE Setup"=C:\WINDOWS\JM\JMInsIDE.exe [2006-10-31 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\JMRaidSetup.exe [2006-11-17 1953792]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"HP CP1020 System Tray"=C:\Program Files\HP\HP LaserJet Professional CP1020 Series\HPCP1020STRAY.EXE [2010-05-12 2627384]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-18 3568312]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-02-26 3814736]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Google Update"=C:\Documents and Settings\taborsky\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-07-23 116648]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-02-10 20922016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\DVBViewerTE\ts_winlirc.exe"="C:\Program Files\DVBViewerTE\ts_winlirc.exe:*:Enabled:ts_winlirc"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Hummingbird\Connectivity\7.10\Exceed\exceed.exe"="C:\Program Files\Hummingbird\Connectivity\7.10\Exceed\exceed.exe:*:Enabled:X server for Win32"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe:*:Enabled:JobManagerService.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe:*:Enabled:JMAdmin.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe:*:Enabled:JMPassword.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe:*:Enabled:ScriptHostService.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe:*:Enabled:AnsysWBU.exe"
"C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe"="C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe:*:Enabled:ActivePIMgrU.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe:*:Enabled:ReaderHostU.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe:*:Enabled:AWP tclsh.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe:*:Enabled:AWP wish.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe:*:Enabled:ReaderHostCAT5U.exe"
"C:\Program Files\ANSYS Inc\Shared Files\Licensing\intel\lmgrd.exe"="C:\Program Files\ANSYS Inc\Shared Files\Licensing\intel\lmgrd.exe:*:Enabled:lmgrd"
"C:\Program Files\Pinnacle\Studio 11\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 11\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 11\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 11\programs\umi.exe:*:Enabled:umi"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\Program Files\ANSYS Inc\v120\Framework\bin\Win32\AnsysFWW.exe"="C:\Program Files\ANSYS Inc\v120\Framework\bin\Win32\AnsysFWW.exe:*:Enabled: "
"C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_client.exe"="C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_client.exe:*:Enabled:ANSYS Licensing Interconnect Application"
"C:\Program Files\ANSYS Inc\v120\AISOL\Bin\intel\Ansys.SolverManager.exe"="C:\Program Files\ANSYS Inc\v120\AISOL\Bin\intel\Ansys.SolverManager.exe:*:Enabled:Ansys.SolverManager"
"C:\Program Files\ANSYS Inc\v120\commonfiles\TCL\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v120\commonfiles\TCL\bin\intel\wish.exe:*:Enabled:Wish Application"
"C:\Program Files\ANSYS Inc\v120\AISOL\Bin\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v120\AISOL\Bin\intel\AnsysWBU.exe:*:Enabled:AnsysWB Module"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\ANSYS Inc\v120\commonfiles\jre\intel\bin\java.exe"="C:\Program Files\ANSYS Inc\v120\commonfiles\jre\intel\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Order Of War\oow_final_dx9.exe"="C:\Program Files\Order Of War\oow_final_dx9.exe:*:Enabled:ORDER OF WAR"
"C:\Program Files\ANSYS Inc\v121\commonfiles\Tcl\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v121\commonfiles\Tcl\bin\intel\wish.exe:*:Enabled:Wish Application"
"C:\Program Files\ANSYS Inc\v121\commonfiles\jre\intel\bin\java.exe"="C:\Program Files\ANSYS Inc\v121\commonfiles\jre\intel\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\ANSYS Inc\v121\Framework\bin\Win32\AnsysFWW.exe"="C:\Program Files\ANSYS Inc\v121\Framework\bin\Win32\AnsysFWW.exe:*:Enabled:ANSYS Workbench"
"C:\Program Files\ANSYS Inc\v121\aisol\bin\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v121\aisol\bin\intel\AnsysWBU.exe:*:Enabled:AnsysWB Module"
"C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\Program Files\ANSYS Inc\v121\aisol\bin\intel\AnsMeshingServer.exe"="C:\Program Files\ANSYS Inc\v121\aisol\bin\intel\AnsMeshingServer.exe:*:Enabled:AnsMeshingServer"
"C:\Program Files\DVBViewer TE2\ts_winlirc.exe"="C:\Program Files\DVBViewer TE2\ts_winlirc.exe:*:Disabled:ts_winlirc"
"C:\Program Files\ANSYS Inc\v120\AISOL\Bin\intel\AnsMeshingServer.exe"="C:\Program Files\ANSYS Inc\v120\AISOL\Bin\intel\AnsMeshingServer.exe:*:Enabled:AnsMeshingServer"
"C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\ANSYS Inc\v130\commonfiles\Tcl\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v130\commonfiles\Tcl\bin\intel\wish.exe:*:Enabled:Wish Application"
"C:\Program Files\ANSYS Inc\v130\Framework\bin\Win32\AnsysFWW.exe"="C:\Program Files\ANSYS Inc\v130\Framework\bin\Win32\AnsysFWW.exe:*:Enabled:ANSYS Workbench"
"C:\Program Files\ANSYS Inc\v130\aisol\bin\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v130\aisol\bin\intel\AnsysWBU.exe:*:Enabled:AnsysWB Module"
"E:\INSTALLER\HPBCSIINSTALLER.EXE"="E:\INSTALLER\HPBCSIINSTALLER.EXE:*:Enabled:HP Networked Printer Installer"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\ANSYS Inc\v130\commonfiles\jre\intel\bin\java.exe"="C:\Program Files\ANSYS Inc\v130\commonfiles\jre\intel\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\ANSYS Inc\v140\commonfiles\Tcl\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v140\commonfiles\Tcl\bin\intel\wish.exe:*:Enabled:Wish Application"
"C:\Program Files\ANSYS Inc\v140\Framework\bin\Win32\AnsysFWW.exe"="C:\Program Files\ANSYS Inc\v140\Framework\bin\Win32\AnsysFWW.exe:*:Enabled:ANSYS Workbench"
"C:\Program Files\ANSYS Inc\v140\aisol\bin\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v140\aisol\bin\intel\AnsysWBU.exe:*:Enabled:AnsysWB Module"
"C:\Program Files\ANSYS Inc\v140\commonfiles\jre\intel\bin\java.exe"="C:\Program Files\ANSYS Inc\v140\commonfiles\jre\intel\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\ANSYS Inc\v140\aisol\bin\intel\ReaderHostU.exe"="C:\Program Files\ANSYS Inc\v140\aisol\bin\intel\ReaderHostU.exe:*:Enabled:ReaderHost Module"
"C:\Program Files\ANSYS Inc\v140\RSM\bin\Ans.Rsm.JMHost.exe"="C:\Program Files\ANSYS Inc\v140\RSM\bin\Ans.Rsm.JMHost.exe:*:Enabled: "
"C:\Program Files\ANSYS Inc\v140\aisol\bin\intel\AnsMeshingServer.exe"="C:\Program Files\ANSYS Inc\v140\aisol\bin\intel\AnsMeshingServer.exe:*:Enabled:AnsMeshingServer"
"C:\Program Files\Java\jre7\bin\javaw.exe"="C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\hasplms.exe"="C:\WINDOWS\system32\hasplms.exe:*:Enabled:Sentinel License Manager"
"C:\Program Files\ANSYS Inc\v145\commonfiles\Tcl\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v145\commonfiles\Tcl\bin\intel\wish.exe:*:Enabled:Wish Application"
"C:\Program Files\ANSYS Inc\v145\Framework\bin\Win32\AnsysFWW.exe"="C:\Program Files\ANSYS Inc\v145\Framework\bin\Win32\AnsysFWW.exe:*:Enabled:ANSYS Workbench"
"C:\Program Files\ANSYS Inc\v145\aisol\bin\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v145\aisol\bin\intel\AnsysWBU.exe:*:Enabled:AnsysWB Module"
"C:\Program Files\ANSYS Inc\v145\RSM\bin\Ans.Rsm.JMHost.exe"="C:\Program Files\ANSYS Inc\v145\RSM\bin\Ans.Rsm.JMHost.exe:*:Enabled:ANSYS RSM Job Manager Service"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\ANSYS Inc\v145\RSM\bin\Ans.Rsm.Admin.exe"="C:\Program Files\ANSYS Inc\v145\RSM\bin\Ans.Rsm.Admin.exe:*:Enabled:ANSYS RSM Admin 2"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe:*:Enabled:JobManagerService.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe:*:Enabled:JMAdmin.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe:*:Enabled:JMPassword.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe:*:Enabled:ScriptHostService.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe:*:Enabled:AnsysWBU.exe"
"C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe"="C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe:*:Enabled:ActivePIMgrU.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe:*:Enabled:ReaderHostU.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe:*:Enabled:AWP tclsh.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe:*:Enabled:AWP wish.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe:*:Enabled:ReaderHostCAT5U.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=vdrcodec.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.MJPG"=Pvmjpg30.dll
"MSVideo8"=VfWWDM32.dll
"msacm.l3codecp"=l3codecp.acm
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll

======File associations======

.scr - open - "" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-03-23 11:47:22 ----D---- C:\rsit
2014-03-23 09:41:50 ----A---- C:\WINDOWS\system32\TrueSight.sys
2014-03-22 12:51:12 ----D---- C:\Documents and Settings\taborsky\Data aplikací\Malwarebytes
2014-03-22 12:50:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-03-22 08:51:29 ----D---- C:\AdwCleaner
2014-03-22 08:08:45 ----D---- C:\FRST
2014-03-22 07:07:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2934207$
2014-03-22 06:58:23 ----N---- C:\WINDOWS\system32\xp_eos.exe
2014-03-21 18:40:24 ----D---- C:\Documents and Settings\taborsky\Data aplikací\.technic
2014-03-19 21:39:19 ----D---- C:\Program Files\Common Files\Java
2014-03-19 21:39:09 ----A---- C:\WINDOWS\system32\javaws.exe
2014-03-19 21:39:02 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-03-19 21:39:02 ----A---- C:\WINDOWS\system32\javaw.exe
2014-03-19 21:39:02 ----A---- C:\WINDOWS\system32\java.exe
2014-03-15 00:26:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2929961$
2014-03-15 00:26:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2930275$
2014-03-07 18:40:11 ----D---- C:\Program Files\Common Files\Skype
2014-02-27 20:17:35 ----D---- C:\Program Files\LogMeIn Hamachi

======List of files/folders modified in the last 1 month======

2014-03-23 11:47:42 ----D---- C:\Program Files\trend micro
2014-03-23 11:47:28 ----D---- C:\WINDOWS\Prefetch
2014-03-23 11:46:39 ----A---- C:\WINDOWS\WINCMD.INI
2014-03-23 10:49:50 ----D---- C:\Documents and Settings\taborsky\Data aplikací\Skype
2014-03-23 09:43:45 ----D---- C:\WINDOWS\system32\drivers
2014-03-23 09:42:06 ----D---- C:\WINDOWS\system32\CatRoot2
2014-03-23 09:41:50 ----D---- C:\WINDOWS\system32
2014-03-23 08:48:36 ----D---- C:\WINDOWS\Temp
2014-03-23 01:31:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-03-22 23:35:28 ----SHD---- C:\System Volume Information
2014-03-22 23:35:28 ----D---- C:\WINDOWS\system32\Restore
2014-03-22 23:33:39 ----RD---- C:\Program Files
2014-03-22 23:30:11 ----D---- C:\WINDOWS
2014-03-22 23:17:11 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2014-03-22 19:16:03 ----D---- C:\Documents and Settings\taborsky\Data aplikací\.minecraft
2014-03-22 19:00:07 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2014-03-22 18:54:52 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2014-03-22 18:54:52 ----HD---- C:\WINDOWS\inf
2014-03-22 18:54:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\YTD YouTube Downloader & Converter
2014-03-22 12:50:41 ----SHD---- C:\WINDOWS\Installer
2014-03-22 12:44:24 ----D---- C:\Config.Msi
2014-03-22 09:00:47 ----SD---- C:\WINDOWS\Tasks
2014-03-22 07:07:23 ----A---- C:\WINDOWS\imsins.BAK
2014-03-22 07:07:20 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-03-19 21:39:19 ----D---- C:\Program Files\Common Files
2014-03-19 21:39:02 ----D---- C:\Program Files\Java
2014-03-18 23:50:49 ----SHD---- C:\Documents and Settings\taborsky\Data aplikací\.#
2014-03-18 20:19:58 ----D---- C:\WINDOWS\system32\MRT
2014-03-18 20:15:14 ----A---- C:\WINDOWS\system32\MRT.exe
2014-03-17 22:43:46 ----D---- C:\Documents and Settings\taborsky\Data aplikací\Corel
2014-03-15 08:08:38 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-15 00:27:11 ----D---- C:\Program Files\Internet Explorer
2014-03-15 00:27:03 ----D---- C:\WINDOWS\system32\cs-cz
2014-03-15 00:26:51 ----D---- C:\WINDOWS\ie7updates
2014-03-11 21:57:09 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-07 18:40:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2014-03-07 18:40:12 ----RD---- C:\Program Files\Skype
2014-03-06 01:19:11 ----A---- C:\WINDOWS\VVD.INI
2014-03-06 01:19:04 ----A---- C:\WINDOWS\CADCNTRL.INI
2014-03-02 15:57:35 ----D---- C:\WINDOWS\Minidump
2014-03-01 09:52:31 ----A---- C:\WINDOWS\NeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\aswNdis.sys [2013-11-18 12112]
R0 aswNdis2;avast! Firewall NDIS Driver; C:\WINDOWS\system32\drivers\aswNdis2.sys [2013-11-18 247192]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-10-17 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-10-17 178304]
R0 JGOGO;JMicron Hot-Plug Driver; C:\WINDOWS\system32\DRIVERS\JGOGO.sys [2006-02-08 6912]
R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2006-11-21 43648]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-11-14 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-10-10 717296]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 as6eio;as6eio; C:\WINDOWS\System32\drivers\as6eio.SYS [1997-12-08 3616]
R1 aswKbd;aswKbd; \??\C:\WINDOWS\system32\drivers\aswKbd.sys []
R1 aswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 Cinemsup;Cinemsup; C:\WINDOWS\system32\drivers\Cinemsup.sys [2002-07-19 6656]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys []
R2 aksfridge;Sentinel Fridge; C:\WINDOWS\system32\DRIVERS\aksfridge.sys [2012-08-07 365056]
R2 aswFsBlk;aswFsBlk; \??\C:\WINDOWS\system32\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 ppsio2;PPDevice; C:\WINDOWS\system32\drivers\ppsio2.sys [1999-04-02 22400]
R2 regi;regi; \??\C:\WINDOWS\system32\drivers\regi.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-02-08 12648960]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2012-03-31 47360]
R3 SKYNET;TechniSat DVB-PC TV Star PCI; C:\WINDOWS\system32\DRIVERS\SkyNET.SYS [2009-09-11 507408]
R3 tap0801;TAP-Win32 Adapter V8; C:\WINDOWS\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2008-02-05 59960]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-11-22 250496]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 ahikjwbk;ahikjwbk; C:\WINDOWS\system32\drivers\ahikjwbk.sys []
S3 akshasp;SafeNet Inc. HASP Key; C:\WINDOWS\system32\DRIVERS\akshasp.sys [2012-06-15 238208]
S3 akshhl;SafeNet Inc. Sentinel HL Key; C:\WINDOWS\system32\DRIVERS\akshhl.sys [2012-06-15 46720]
S3 aksusb;SafeNet Inc. USB Key; C:\WINDOWS\system32\DRIVERS\aksusb.sys [2012-06-15 289152]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\c:\Program Files\MediaCoder Mobile Phone Edition\SysInfo.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TrueSight;TrueSight; \??\C:\WINDOWS\system32\TrueSight.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 XXLHASP;XXLHASP; \??\c:\windows\system32\drivers\XXLHASP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ANSYS, Inc. License Manager;ANSYS, Inc. License Manager; C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe [2012-09-24 3949056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-18 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-11-18 116776]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-02-26 1678672]
R2 hasplms;Sentinel Local License Manager; C:\WINDOWS\system32\hasplms.exe [2012-08-22 4412872]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2010-04-12 142336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-12-18 182696]
R2 Jconfigd;Hummingbird Jconfig Daemon; C:\WINDOWS\system32\Hummingbird\Connectivity\7.10\Jconfig\jconfigdnt.exe [2001-07-23 28672]
R2 JobManagerService110;Ansys JobManager Service V11; C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe [2007-09-20 20480]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-02-26 375056]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 ScriptHostService110;Ansys ScriptHost Service V11; C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe [2007-09-20 20480]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11 257928]
S2 Flexlm Service 1;Flexlm Service 1; C:\flexlm\lmgrd.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-26 136176]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-08-11 155715]
S2 PCLEPCI;PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [2005-02-09 14165]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-10-23 77944]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-29 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-26 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe []
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2006-10-01 16384]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 HCLInetd;Hummingbird Inetd; C:\WINDOWS\system32\Hummingbird\Connectivity\7.10\Inetd\inetd32.exe [2001-07-26 32768]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Log check

#15 Post by Márty84 »

One more scan and then we'll start deleting.


If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the "Otevrit normalne" (Open normally) option.
Download OTL http://oldtimer.geekstogo.com/OTL.exe, save it to the desktop and run it.
Tick the checkboxes for the items "Pro všechny uživatele" (For all users), "Kontrola na havěť "LOP"" (LOP check) and "Kontrola na havěť "Purity"" (Purity check).
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click "Prohledat" (Scan).
After the scan, two logs will be created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can email me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an email address in their signature).

Locked