Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zpomalené PC

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
RomanL2
Návštěvník
Návštěvník
Příspěvky: 250
Registrován: 12 kvě 2009 11:38

Zpomalené PC

#1 Příspěvek od RomanL2 »

Dobrý den, prosím o preventivní kontrolu, poslední dobou se mi zdá PC pomalejší. Nějaké extra problémy se nevyskytují, ale nepřipadá mi zcela ve formě.
Zde log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by OEM at 2015-05-17 11:02:48
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 612 GB (64%) free of 954 GB
Total RAM: 3327 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:02:59, on 17.5.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\PDF\pdfSaver\pdfSaver3.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe
C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\OEM\Plocha\RSIT.exe
C:\Program Files\trend micro\OEM.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: (no name) - {FF103732-4528-4322-AA8B-F7849AB7776B} - (no file)
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Launcher3010] "C:\Program Files\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox Phaser 3010
O4 - HKLM\..\Run: [DocuPrint 3010 RUN] "C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe"
O4 - HKLM\..\Run: [StatusAutoRun3010] "C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox Phaser 3010,hide,\S
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [pdfSaver3] "C:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Avast-Browser-Cleanup] "C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe"/RunOnce
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://buttons.videodownloadconverter.c ... 90402&cv=1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 0727837421
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - http://www.update.microsoft.com/microso ... 0727798453
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AFDCF2F6-C7E9-43AF-83B6-8B865C5F9912}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file)
O20 - Winlogon Notify: Antiwpa - antiwpa.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\RpcAgentSrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: XRcnStatutsDatabase (XRNADB) - Unknown owner - C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
O24 - Desktop Component 0: (no name) - http://amail.centrum.cz/js/popupmenu.js

--
End of file - 8458 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\User_Feed_Synchronization-{C7D214DC-E866-4802-B74B-5104EE5238C7}.job - C:\WINDOWS\system32\msfeedssync.exe sync

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\kg7jq75u.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.com"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14, cs@dictionaries.addons.mozilla.org:1.0.2, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3, {3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20110316W, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "https://www.google.com/search"

"{3112ca9c-de6d-4884-a869-9855de68056c}"=C:\Documents and Settings\All Users\Data aplikací\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"4zffxtbr@VideoDownloadConverter_4z.com"=C:\Program Files\VideoDownloadConverter_4z\bar\1.bin


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin]
"Description"=VideoDownloadConverter Plugin
"Path"=C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
gemgecko.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
Ask.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\kg7jq75u.default\extensions\
ChoiceGuard@Microsoft
cs@dictionaries.addons.mozilla.org
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\kg7jq75u.default\searchplugins\
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 77576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-25 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF103732-4528-4322-AA8B-F7849AB7776B}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Samsung PanelMgr"=C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe [2006-06-07 507904]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-03-17 19520544]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-04-05 98304]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"Launcher3010"=C:\Program Files\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2011-04-19 2570752]
"DocuPrint 3010 RUN"=C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [2011-04-19 357376]
"StatusAutoRun3010"=C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [2011-04-19 3658240]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-12 5515496]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"pdfSaver3"=C:\Program Files\PDF\pdfSaver\pdfSaver3.exe [2004-05-19 385024]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-03-25 31682144]
"Avast-Browser-Cleanup"=C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe [2015-04-25 1530992]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-04-02 563416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Antiwpa]
C:\WINDOWS\system32\antiwpa.dll [2012-03-03 60416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2012-04-06 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\RpcAgentSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe"="C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe:*:Enabled:Zoner Media Server 17"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\network diagnostic\xpnetdiag.exe"="C:\WINDOWS\network diagnostic\xpnetdiag.exe:*:Enabled:Network Diagnostic for Windows XP"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.MJPG"=pvmjpg21.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux5"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux6"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-05-17 11:02:48 ----D---- C:\rsit
2015-05-17 10:33:40 ----A---- C:\WINDOWS\system32\hidserv.dll
2015-04-25 20:34:13 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-04-25 20:33:58 ----A---- C:\WINDOWS\avastSS.scr

======List of files/folders modified in the last 1 month======

2015-05-17 11:02:59 ----D---- C:\Program Files\trend micro
2015-05-17 11:02:56 ----D---- C:\WINDOWS\Prefetch
2015-05-17 10:52:35 ----D---- C:\WINDOWS
2015-05-17 10:52:34 ----D---- C:\WINDOWS\Minidump
2015-05-17 10:51:55 ----D---- C:\WINDOWS\Temp
2015-05-17 10:49:01 ----D---- C:\Program Files\CCleaner
2015-05-17 10:43:28 ----SHD---- C:\WINDOWS\Installer
2015-05-17 10:43:28 ----D---- C:\Config.Msi
2015-05-17 10:43:26 ----D---- C:\Program Files
2015-05-17 10:39:57 ----D---- C:\WINDOWS\Microsoft.NET
2015-05-17 10:38:13 ----D---- C:\WINDOWS\system32\CatRoot2
2015-05-17 10:37:38 ----D---- C:\WINDOWS\system32
2015-05-17 10:35:55 ----N---- C:\WINDOWS\SchedLgU.Txt
2015-05-17 10:35:22 ----D---- C:\WINDOWS\system32\drivers
2015-05-17 10:18:45 ----AC---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-05-17 10:07:58 ----D---- C:\Documents and Settings\OEM\Data aplikací\Skype
2015-05-14 15:27:39 ----D---- C:\WINDOWS\system32\config
2015-05-07 20:54:42 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-04 23:19:08 ----D---- C:\Program Files\Mobogenie
2015-04-30 09:30:54 ----D---- C:\WINDOWS\network diagnostic
2015-04-25 22:08:37 ----RD---- C:\Program Files\Common Files
2015-04-25 22:08:37 ----D---- C:\Program Files\Common Files\Nikon
2015-04-25 22:08:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nikon
2015-04-25 22:08:32 ----D---- C:\Program Files\Nikon
2015-04-25 20:35:21 ----SD---- C:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ahcix86;ahcix86; C:\WINDOWS\system32\drivers\ahcix86.sys [2010-04-06 189008]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-04-25 49904]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-04-25 209048]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 SiSide;SiSide; C:\WINDOWS\system32\DRIVERS\siside.sys [2003-03-25 4096]
R0 sisidex;sisidex; C:\WINDOWS\system32\drivers\sisidex.sys [2002-10-17 49024]
R0 sisperf;Add Performance Filter Driver; C:\WINDOWS\system32\drivers\sisperf.sys [2002-08-20 9472]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2015-04-25 55200]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-04-25 787760]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-04-25 427992]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2015-04-25 57888]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-04-25 24144]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-04-25 74976]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2012-04-06 7746048]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2012-02-23 99856]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-03-17 5878304]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-07-06 234392]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2011-12-13 43392]
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-03-31 3960896]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys []
S3 cpuz130;cpuz130; \??\C:\DOCUME~1\OEM\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
S3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 es1969;Zvukový ovladač ESS 1969 (WDM); C:\WINDOWS\system32\drivers\es1969.sys [2001-08-17 72192]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2009-04-17 9344]
S3 massfilter;Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [2010-02-22 9216]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-27 81408]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\WNt500x86\Sandra.sys []
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TrueSight;TrueSight; \??\C:\WINDOWS\system32\drivers\TrueSight.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 VtcDrv;Philips SA60xx Recovery Device; C:\WINDOWS\System32\Drivers\vtcdrv.sys [2007-02-23 18560]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WUDFRd;WUDFRd; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2006-09-28 82944]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2010-03-02 105856]
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2010-03-02 105856]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2010-03-02 105856]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2012-04-06 647168]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-25 343336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 XRNADB;XRcnStatutsDatabase; C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [2011-04-19 79872]
S2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-01 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-17 268464]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-01 1045256]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-01 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-13 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-27 115608]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\RpcAgentSrv.exe [2009-02-04 95896]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Zpomalené PC

#2 Příspěvek od altrok »

Krasny den Vam preju :bye:


:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

:arrow: Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
  • ukoncete vsechny programy
  • kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • kliknete na Scan, pote na Cleaning
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
RomanL2
Návštěvník
Návštěvník
Příspěvky: 250
Registrován: 12 kvě 2009 11:38

Re: Zpomalené PC

#3 Příspěvek od RomanL2 »

Tak zde log z AdwClear:

# AdwCleaner v4.204 - Logfile created 18/05/2015 at 20:50:26
# Updated 12/05/2015 by Xplode
# Database : 2015-05-12.2 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : OEM - SEMPRON2500
# Running from : C:\Documents and Settings\OEM\Plocha\adwcleaner_4.204.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\IBUpdaterService
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\wincert
Folder Deleted : C:\Program Files\Inbox Toolbar
Folder Deleted : C:\Program Files\Mobogenie
Folder Deleted : C:\Program Files\Movies Toolbar
Folder Deleted : C:\Program Files\Uniblue
Folder Deleted : C:\Program Files\VideoDownloadConverter_4z
Folder Deleted : C:\Documents and Settings\OEM\Local Settings\Data aplikací\genienext
Folder Deleted : C:\Documents and Settings\OEM\Local Settings\Data aplikací\iac
Folder Deleted : C:\Documents and Settings\OEM\Local Settings\Data aplikací\ilividmoviestoolbarha
Folder Deleted : C:\Documents and Settings\OEM\Local Settings\Data aplikací\Mobogenie
Folder Deleted : C:\Documents and Settings\OEM\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\OEM\Data aplikací\7go
Folder Deleted : C:\Documents and Settings\OEM\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\OEM\Data aplikací\file scout
Folder Deleted : C:\Documents and Settings\OEM\Data aplikací\ilividmoviestoolbarha
Folder Deleted : C:\Documents and Settings\OEM\Data aplikací\newnext.me
Folder Deleted : C:\Documents and Settings\OEM\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\OEM\Data aplikací\PerformerSoft
Folder Deleted : C:\Documents and Settings\OEM\Data aplikací\SeeSimilar02
Folder Deleted : C:\Documents and Settings\OEM\Data aplikací\SpeedAnalysis2
Folder Deleted : C:\Documents and Settings\OEM\Data aplikací\SpeedAnalysis3
Folder Deleted : C:\Documents and Settings\OEM\Data aplikací\Uniblue
Folder Deleted : C:\Documents and Settings\OEM\Data aplikací\VideoDownloadConverter_4z
[!] Folder Deleted : C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\kg7jq75u.default\Extensions\OneClickDownloader@OneClickDownloader.com.xpi
[!] Folder Deleted : C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\kg7jq75u.default\Extensions\speedanalysis02@SpeedAnalysis.com.xpi
File Deleted : C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\kg7jq75u.default\Extensions\7go@7go.com.xpi
File Deleted : C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\kg7jq75u.default\Extensions\speedanalysis02@SpeedAnalysis.com.xpi
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\Documents and Settings\OEM\daemonprocess.txt
File Deleted : C:\Documents and Settings\OEM\Data aplikací\speedanalysis.ico
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Ask.xml

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Deleted : HKLM\SOFTWARE\Classes\7Go Games.ScriptHostObject
Key Deleted : HKLM\SOFTWARE\Classes\7Go Games.ScriptHostObject.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\Torch.exe
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncherSettings
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncherSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ToolbarProtector
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ToolbarProtector.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2d9083ce-8758-4704-ba57-3c891d7452bd}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66d59105-fe06-43a4-b292-eb0097e9eb74}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9103c314-c4e2-4463-8934-b19bcb46236d}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{192F487E-E812-40C0-B0DE-CB4BFA20F37B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF103732-4528-4322-AA8B-F7849AB7776B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF103732-4528-4322-AA8B-F7849AB7776B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2d9083ce-8758-4704-ba57-3c891d7452bd}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d429207-4689-492d-a0e5-cdc5dfbb5005}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66d59105-fe06-43a4-b292-eb0097e9eb74}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9103c314-c4e2-4463-8934-b19bcb46236d}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97cef41c-5055-474a-855a-892d4fe3e596}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d375ee64-f893-498a-a0e9-0e9829c88c3d}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{48586425-6BB7-4F51-8DC6-38C88E3EBB58}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\bbrs_002.tb
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\performersoft llc
Key Deleted : HKCU\Software\SiteRanker
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\usyndication.com
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\USyndication
Key Deleted : HKCU\Software\VideoDownloadConverter_4z
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\torch
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\VideoDownloadConverter_4z
Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Speed Analysis 2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4F524A2D-5350-4500-76A7-A758B70C1500}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\VideoDownloadConverter_4zbar Uninstall Internet Explorer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\VideoDownloadConverter_4zbar Uninstall Firefox
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v20.0 (cs)

[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.7go@7go.com.mzID", "93");
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=");
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=14EC4016-3698-4832-B0EC-8CA48ADE68B0&n=77fd52d8&p2=^HJ^xdm007^YYA^cz&si=CM6it7WTsbkCFYSV3godBlUAX[...]
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", true);
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.lastGuardTime", 297838289);
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.numGuards", 1);
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2013090520");
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm007^YYA^cz");
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "CM6it7WTsbkCFYSV3godBlUAXA");
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "14EC4016-3698-4832-B0EC-8CA48ADE68B0");
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1391861733862");
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", true);
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true);
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", true);
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true);
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "videodownloadconverter@mindspark.com");
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");
[kg7jq75u.default\prefs.js] - Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");

-\\ Google Chrome v42.0.2311.152

[C:\Documents and Settings\OEM\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : aaaaaiabcopkplhgaedhbloeejhhankf
[C:\Documents and Settings\OEM\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : hxxp://www.search.ask.com/?gct=hp
[C:\Documents and Settings\OEM\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Default_Search_Provider_Data] : hxxps://www.google.de/search?q={searchTerms}?trackid=sp-006",
"usage_count": 0
}
},
"extensions": {
"settings": {
"aaaaaiabcopkplhgaedhbloeejhhankf": {
"ack_prompt_count": 3,
"active_permissions": {
"api": [ "homepage", "management", "nativeMessaging", "searchProvider", "startupPages", "storage", "tabs", "webRequest", "webRequestBlocking" ],
"explicit_host": [ "hxxp://*/*", "hxxps://*/*" ],
"manifest_permissions": [ ],
"scriptable_host": [ "*://*.ask.com/

*************************

AdwCleaner[R0].txt - [24588 bytes] - [18/05/2015 20:46:58]
AdwCleaner[S0].txt - [23517 bytes] - [18/05/2015 20:50:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23577 bytes] ##########
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Zpomalené PC

#4 Příspěvek od altrok »

:arrow: Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
RomanL2
Návštěvník
Návštěvník
Příspěvky: 250
Registrován: 12 kvě 2009 11:38

Re: Zpomalené PC

#5 Příspěvek od RomanL2 »

Zde log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-05-2015 02
Ran by OEM (administrator) on SEMPRON2500 on 18-05-2015 21:07:35
Running from C:\Documents and Settings\OEM\Plocha
Loaded Profiles: OEM (Available profiles: OEM & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
() C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Tracker Software Products Ltd.) C:\Program Files\PDF\pdfSaver\pdfSaver3.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
() C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe
() C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(forum.viry.cz) C:\Documents and Settings\OEM\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Samsung PanelMgr] => C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe [507904 2006-06-07] ()
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [19520544 2010-03-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2012-04-05] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [Launcher3010] => C:\Program Files\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2570752 2011-04-19] (Xerox)
HKLM\...\Run: [DocuPrint 3010 RUN] => C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [357376 2011-04-19] ()
HKLM\...\Run: [StatusAutoRun3010] => C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [3658240 2011-04-19] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
Winlogon\Notify\Antiwpa: C:\WINDOWS\system32\antiwpa.dll [2012-03-03] ()
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2012-04-06] (ATI Technologies Inc.)
HKU\S-1-5-21-583907252-1390067357-1177238915-1004\...\Run: [pdfSaver3] => C:\Program Files\PDF\pdfSaver\pdfSaver3.exe [385024 2004-05-19] (Tracker Software Products Ltd.)
HKU\S-1-5-21-583907252-1390067357-1177238915-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-583907252-1390067357-1177238915-1004\...\Run: [Avast-Browser-Cleanup] => C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe [1530992 2015-04-25] (AVAST Software)
HKU\S-1-5-21-583907252-1390067357-1177238915-1004\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-04-02] (ZONER software)
HKU\S-1-5-21-583907252-1390067357-1177238915-1004\Control Panel\Desktop\\SCRNSAVE.EXE ->
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-25] (Avast Software s.r.o.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-583907252-1390067357-1177238915-1004\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-583907252-1390067357-1177238915-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-583907252-1390067357-1177238915-1004\Software\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-583907252-1390067357-1177238915-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-583907252-1390067357-1177238915-1004\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
URLSearchHook: HKU\S-1-5-21-583907252-1390067357-1177238915-1004 - (No Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-583907252-1390067357-1177238915-1004 -> {7C70D177-86BC-499E-814F-96B451DBCAF8} URL = http://search.centrum.cz/index.php?utm_ ... earchTerms}
SearchScopes: HKU\S-1-5-21-583907252-1390067357-1177238915-1004 -> {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A} URL = http://search.seznam.cz/searchScreen?w= ... rer:source?}
SearchScopes: HKU\S-1-5-21-583907252-1390067357-1177238915-1004 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-25] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-583907252-1390067357-1177238915-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-583907252-1390067357-1177238915-1004 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\Msdxm6.ocx [2000-04-21] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2013-10-29] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2013-10-29] (Microsoft Corporation)
Tcpip\..\Interfaces\{AFDCF2F6-C7E9-43AF-83B6-8B865C5F9912}: [NameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\kg7jq75u.default
FF DefaultSearchEngine: Google
FF DefaultSearchUrl: https://www.google.com/search
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.com
FF Keyword.URL: https://www.google.com/search
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-17] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-583907252-1390067357-1177238915-1004: @kb-ext.cz/PKIComponent -> C:\Documents and Settings\OEM\Data aplikací\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll [2013-09-26] (Komerční banka, a.s.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2012-06-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2012-06-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2012-06-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2012-06-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2012-06-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2012-06-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2012-06-30] (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml [2013-03-27]
FF Extension: Microsoft Choice Guard - C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\kg7jq75u.default\Extensions\ChoiceGuard@Microsoft [2009-04-16]
FF Extension: Český slovník pro kontrolu pravopisu - C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\kg7jq75u.default\Extensions\cs@dictionaries.addons.mozilla.org [2013-04-03]
FF Extension: Garmin Communicator - C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\kg7jq75u.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-23]
FF HKLM\...\Firefox\Extensions: [{3112ca9c-de6d-4884-a869-9855de68056c}] - C:\Documents and Settings\All Users\Data aplikací\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF Extension: Google Toolbar for Firefox - C:\Documents and Settings\All Users\Data aplikací\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009-08-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-05-08]
FF HKLM\...\Firefox\Extensions: [4zffxtbr@VideoDownloadConverter_4z.com] - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin

Chrome:
=======
CHR HomePage: Default -> hxxp://www.atlas.cz/
CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"
CHR Profile: C:\Documents and Settings\OEM\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Documents and Settings\OEM\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-10]
CHR Extension: (Google Docs) - C:\Documents and Settings\OEM\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-27]
CHR Extension: (Google Drive) - C:\Documents and Settings\OEM\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-27]
CHR Extension: (YouTube) - C:\Documents and Settings\OEM\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-27]
CHR Extension: (Google Search) - C:\Documents and Settings\OEM\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-27]
CHR Extension: (Google Sheets) - C:\Documents and Settings\OEM\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-10]
CHR Extension: (Bookmark Manager) - C:\Documents and Settings\OEM\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\OEM\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-27]
CHR Extension: (Google Wallet) - C:\Documents and Settings\OEM\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-27]
CHR Extension: (Gmail) - C:\Documents and Settings\OEM\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-27]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-25]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 Alerter; C:\WINDOWS\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation) [File not signed]
R3 ALG; C:\WINDOWS\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [647168 2012-04-06] (ATI Technologies Inc.) [File not signed]
R2 AudioSrv; C:\WINDOWS\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-25] (Avast Software s.r.o.)
R2 BITS; C:\WINDOWS\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation) [File not signed]
S2 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [File not signed]
S3 CiSvc; C:\WINDOWS\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\WINDOWS\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [125952 2008-04-14] (Microsoft Corporation) [File not signed]
S3 dmadmin; C:\WINDOWS\System32\dmadmin.exe [225280 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
S3 dmserver; C:\WINDOWS\System32\dmserver.dll [24064 2008-04-14] (Microsoft Corp.) [File not signed]
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation) [File not signed]
S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132608 2008-04-14] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ERSvc; C:\WINDOWS\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Eventlog; C:\WINDOWS\system32\services.exe [111104 2009-02-09] (Microsoft Corporation) [File not signed]
R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation) [File not signed]
R3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
R2 helpsvc; C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation) [File not signed]
R2 HidServ; C:\WINDOWS\System32\hidserv.dll [21504 2008-04-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\WINDOWS\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation) [File not signed]
S3 HTTPFilter; C:\WINDOWS\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 ImapiService; C:\WINDOWS\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation) [File not signed]
R2 lanmanserver; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation) [File not signed]
R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [134144 2009-06-10] (Microsoft Corporation) [File not signed]
R2 LmHosts; C:\WINDOWS\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Messenger; C:\WINDOWS\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
S3 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\WINDOWS\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [78848 2008-04-14] (Microsoft Corporation) [File not signed]
S3 napagent; C:\WINDOWS\System32\qagentrt.dll [293376 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDE; C:\WINDOWS\system32\netdde.exe [111616 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDEdsdm; C:\WINDOWS\system32\netdde.exe [111616 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Netman; C:\WINDOWS\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Nla; C:\WINDOWS\System32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation) [File not signed]
S3 NtLmSsp; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NtmsSvc; C:\WINDOWS\system32\ntmssvc.dll [435712 2008-04-14] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\WINDOWS\system32\services.exe [111104 2009-02-09] (Microsoft Corporation) [File not signed]
R2 PolicyAgent; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ProtectedStorage; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasMan; C:\WINDOWS\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141824 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\WINDOWS\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
S3 RSVP; C:\WINDOWS\system32\rsvp.exe [132608 2004-08-18] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\RpcAgentSrv.exe [95896 2009-02-04] (SiSoftware) [File not signed]
S3 SCardSvr; C:\WINDOWS\System32\SCardSvr.exe [97792 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation) [File not signed]
R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\WINDOWS\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [329728 2008-04-21] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation) [File not signed]
R2 srservice; C:\WINDOWS\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation) [File not signed]
R2 stisvc; C:\WINDOWS\system32\wiaservc.dll [334336 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SysmonLog; C:\WINDOWS\system32\smlogsvc.exe [90112 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TermService; C:\WINDOWS\System32\termsrv.dll [295936 2008-04-15] (Microsoft Corporation) [File not signed]
R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\WINDOWS\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\WINDOWS\System32\upnphost.dll [186368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 UPS; C:\WINDOWS\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation) [File not signed]
S3 VSS; C:\WINDOWS\System32\vssvc.exe [290816 2008-04-14] (Microsoft Corporation) [File not signed]
R2 W32Time; C:\WINDOWS\system32\w32time.dll [176640 2008-04-17] (Microsoft Corporation) [File not signed]
R2 WebClient; C:\WINDOWS\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation) [File not signed]
R2 winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\WINDOWS\system32\WsmSvc.dll [1107456 2009-10-09] (Microsoft Corporation) [File not signed]
S3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [27136 2006-10-18] (Microsoft Corporation) [File not signed]
S3 WmiApSrv; C:\WINDOWS\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913920 2007-01-05] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\WINDOWS\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation) [File not signed]
R2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation) [File not signed]
R2 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [55808 2006-09-28] (Microsoft Corporation) [File not signed]
R2 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation) [File not signed]
S3 xmlprov; C:\WINDOWS\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation) [File not signed]
R2 XRNADB; C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [79872 2011-04-19] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [188288 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ACPIEC; C:\WINDOWS\system32\Drivers\ACPIEC.sys [11776 2004-08-18] (Microsoft Corporation) [File not signed]
S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation) [File not signed]
R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) [File not signed]
R0 ahcix86; C:\WINDOWS\System32\drivers\ahcix86.sys [189008 2010-04-06] (Advanced Micro Devices, Inc)
S3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [3960896 2006-03-31] (Realtek Semiconductor Corp.) [File not signed]
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices) [File not signed]
R3 Arp1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [60800 2008-04-13] (Microsoft Corporation) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24144 2015-04-25] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [74976 2015-04-25] (Avast Software s.r.o.)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-04-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49904 2015-04-25] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787760 2015-04-25] (Avast Software s.r.o.)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [427992 2015-04-25] (Avast Software s.r.o.)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-04-25] (Avast Software s.r.o.)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [209048 2015-04-25] ()
S3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-13] (Microsoft Corporation) [File not signed]
R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-13] (Microsoft Corporation) [File not signed]
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [7746048 2012-04-06] (ATI Technologies Inc.) [File not signed]
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [99856 2012-02-23] (Advanced Micro Devices)
S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-13] (Microsoft Corporation) [File not signed]
R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation) [File not signed]
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-10-02] (AVG Technologies)
S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2004-08-18] (Microsoft Corporation) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) [File not signed]
S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2004-08-18] (Microsoft Corporation) [File not signed]
R4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-13] (Microsoft Corporation) [File not signed]
R1 cdrbsdrv; C:\WINDOWS\system32\Drivers\cdrbsdrv.sys [13567 2004-03-08] (B.H.A Corporation) [File not signed]
R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-05-02] (Microsoft Corporation) [File not signed]
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [41984 2004-08-11] (Samsung Electronics Co., Ltd.) [File not signed]
R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-13] (Microsoft Corporation) [File not signed]
S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [800000 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
S4 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153856 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
S4 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2004-08-18] (Microsoft Corp., Veritas Software.) [File not signed]
S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-13] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-13] (Microsoft Corporation) [File not signed]
S3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation) [File not signed]
S3 es1969; C:\WINDOWS\System32\drivers\es1969.sys [72192 2001-08-17] (ESS Technology Inc.) [File not signed]
R1 eusk2par; C:\WINDOWS\system32\Drivers\eusk2par.sys [30656 2006-12-13] (Eutron)
S4 exFat; C:\WINDOWS\system32\Drivers\exFat.sys [133632 2008-09-29] (Microsoft Corporation) [File not signed]
S4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-13] (Microsoft Corporation) [File not signed]
S3 Fdc; C:\WINDOWS\System32\DRIVERS\fdc.sys [27392 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Flpydisk; C:\WINDOWS\System32\DRIVERS\flpydisk.sys [20480 2008-04-13] (Microsoft Corporation) [File not signed]
R0 FltMgr; C:\WINDOWS\System32\drivers\fltmgr.sys [129792 2008-04-13] (Microsoft Corporation) [File not signed]
U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [9216 2008-09-29] (Microsoft Corporation) [File not signed]
R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125184 2004-08-18] (Microsoft Corporation) [File not signed]
R0 gagp30kx; C:\WINDOWS\System32\DRIVERS\gagp30kx.sys [46464 2008-04-13] (Microsoft Corporation) [File not signed]
S3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-13] (Microsoft Corporation) [File not signed]
S3 grmnusb; C:\WINDOWS\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.) [File not signed]
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [138752 2005-01-07] (Windows (R) Server 2003 DDK provider) [File not signed]
R3 HidUsb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-13] (Microsoft Corporation) [File not signed]
R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation) [File not signed]
R1 i8042prt; C:\WINDOWS\System32\DRIVERS\i8042prt.sys [52096 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-13] (Microsoft Corporation) [File not signed]
S3 Ip6Fw; C:\WINDOWS\System32\drivers\ip6fw.sys [36608 2008-04-13] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2004-08-18] (Microsoft Corporation) [File not signed]
S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-13] (Microsoft Corporation) [File not signed]
R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-13] (Microsoft Corporation) [File not signed]
R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-13] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-13] (Microsoft Corporation) [File not signed]
R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation) [File not signed]
R3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-13] (Microsoft Corporation) [File not signed]
R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed]
S3 massfilter; C:\WINDOWS\System32\drivers\massfilter.sys [9216 2010-02-22] (MBB Incorporated) [File not signed]
R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2004-08-18] (Microsoft Corporation) [File not signed]
S3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30080 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2001-10-24] (Microsoft Corporation) [File not signed]
R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-13] (Microsoft Corporation) [File not signed]
R3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180096 2010-06-30] (Microsoft Corporation) [File not signed]
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [457856 2011-07-15] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-13] (Microsoft Corporation) [File not signed]
R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [5504 2008-04-13] (Microsoft Corporation) [File not signed]
R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) [File not signed]
S3 NABTSFEC; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation) [File not signed]
R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-13] (Microsoft Corporation) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-13] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-13] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2010-11-02] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-13] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-13] (Microsoft Corporation) [File not signed]
R3 NIC1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [61824 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-13] (Microsoft Corporation) [File not signed]
R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2004-08-18] (Microsoft Corporation) [File not signed]
S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2004-08-18] (Microsoft Corporation) [File not signed]
S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2004-08-18] (Microsoft Corporation) [File not signed]
R0 ohci1394; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [61696 2008-04-13] (Microsoft Corporation) [File not signed]
S3 Parport; C:\WINDOWS\System32\DRIVERS\parport.sys [80000 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-13] (Microsoft Corporation) [File not signed]
S2 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6784 2004-08-18] (Microsoft Corporation) [File not signed]
R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68736 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3328 2004-08-18] (Microsoft Corporation) [File not signed]
S4 Pcmcia; C:\WINDOWS\system32\Drivers\Pcmcia.sys [120064 2008-04-14] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-13] (Microsoft Corporation) [File not signed]
S1 Processor; C:\WINDOWS\System32\DRIVERS\processr.sys [39680 2008-04-14] (Microsoft Corporation) [File not signed]
R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2004-08-18] (Parallel Technologies, Inc.) [File not signed]
R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2004-08-18] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-13] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2004-08-18] (Microsoft Corporation) [File not signed]
R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-13] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2004-08-18] (Microsoft Corporation) [File not signed]
R1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [58496 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys [81408 2006-02-27] (Realtek Semiconductor Corporation ) [File not signed]
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation) [File not signed]
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2007-11-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 serenum; C:\WINDOWS\System32\DRIVERS\serenum.sys [15744 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Serial; C:\WINDOWS\System32\DRIVERS\serial.sys [64256 2008-04-14] (Microsoft Corporation) [File not signed]
S3 sermouse; C:\WINDOWS\System32\DRIVERS\sermouse.sys [17664 2001-10-24] (Microsoft Corporation) [File not signed]
R0 SiSide; C:\WINDOWS\System32\DRIVERS\siside.sys [4096 2003-03-25] (Silicon Integrated Systems Corp.) [File not signed]
R0 sisidex; C:\WINDOWS\System32\drivers\sisidex.sys [49024 2002-10-17] (Windows (R) 2000 DDK provider) [File not signed]
R0 sisperf; C:\WINDOWS\System32\drivers\sisperf.sys [9472 2002-08-20] (Silicon Integrated Systems Corp.) [File not signed]
S3 SLIP; C:\WINDOWS\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation) [File not signed]
S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-13] (Microsoft Corporation) [File not signed]
R0 sr; C:\WINDOWS\System32\DRIVERS\sr.sys [73344 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) [File not signed]
S3 streamip; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation) [File not signed]
R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-13] (Microsoft Corporation) [File not signed]
S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-13] (Microsoft Corporation) [File not signed]
R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation) [File not signed]
R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-13] (Microsoft Corporation) [File not signed]
S3 usbaudio; C:\WINDOWS\System32\drivers\usbaudio.sys [60160 2013-07-17] (Microsoft Corporation) [File not signed]
S3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-13] (Microsoft Corporation) [File not signed]
R3 usbohci; C:\WINDOWS\System32\DRIVERS\usbohci.sys [17152 2008-04-13] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\WINDOWS\System32\DRIVERS\usbprint.sys [25856 2008-04-13] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [14976 2013-07-03] (Microsoft Corporation) [File not signed]
S3 USBSTOR; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Corporation) [File not signed]
S3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [123008 2013-07-17] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-13] (Microsoft Corporation) [File not signed]
R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52480 2008-04-14] (Microsoft Corporation) [File not signed]
S3 VtcDrv; C:\WINDOWS\System32\Drivers\vtcdrv.sys [18560 2007-02-23] (Windows (R) Codename Longhorn DDK provider) [File not signed]
R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-13] (Microsoft Corporation) [File not signed]
R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-13] (Microsoft Corporation) [File not signed]
R1 WmiAcpi; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [8832 2008-04-13] (Microsoft Corporation) [File not signed]
S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] (Microsoft Corporation) [File not signed]
R1 WS2IFSL; C:\WINDOWS\System32\drivers\ws2ifsl.sys [12032 2004-08-18] (Microsoft Corporation) [File not signed]
S3 WSTCODEC; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation) [File not signed]
R0 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\WINDOWS\System32\DRIVERS\WUDFRd.sys [82944 2006-09-28] (Microsoft Corporation) [File not signed]
S3 ZTEusbmdm6k; C:\WINDOWS\System32\DRIVERS\ZTEusbmdm6k.sys [105856 2010-03-02] (ZTE Incorporated) [File not signed]
S3 ZTEusbnmea; C:\WINDOWS\System32\DRIVERS\ZTEusbnmea.sys [105856 2010-03-02] (ZTE Incorporated) [File not signed]
S3 ZTEusbser6k; C:\WINDOWS\System32\DRIVERS\ZTEusbser6k.sys [105856 2010-03-02] (ZTE Incorporated) [File not signed]
U5 AppMgmt; C:\WINDOWS\system32\svchost.exe [14336 2008-04-14] (Microsoft Corporation) [File not signed]
S3 cmuda; system32\drivers\cmuda.sys [X]
S3 cpuz130; \??\C:\DOCUME~1\OEM\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [X]
S4 IntelIde; No ImagePath
S3 MSICDSetup; \??\D:\CDriver.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) [File not signed]
U3 TlntSvr; No ImagePath
U3 TrueSight; \??\C:\WINDOWS\system32\drivers\TrueSight.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-18 21:07 - 2015-05-18 21:07 - 00044593 _____ () C:\Documents and Settings\OEM\Plocha\FRST.txt
2015-05-18 21:06 - 2015-05-18 21:07 - 00000000 ____D () C:\FRST
2015-05-18 21:05 - 2015-05-18 21:05 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\OEM\Plocha\FRSTLauncher.exe
2015-05-18 20:52 - 2015-05-18 20:52 - 06420480 _____ () C:\Program Files\GUT80.tmp
2015-05-18 20:52 - 2015-05-18 20:52 - 00000000 ____D () C:\Program Files\GUM7F.tmp
2015-05-18 20:46 - 2015-05-18 20:52 - 00000000 ____D () C:\AdwCleaner
2015-05-18 20:44 - 2015-05-18 20:43 - 02209792 _____ () C:\Documents and Settings\OEM\Plocha\adwcleaner_4.204.exe
2015-05-17 11:08 - 2015-05-18 20:54 - 00078929 _____ () C:\WINDOWS\setupapi.log
2015-05-17 11:02 - 2015-05-17 11:03 - 00000000 ____D () C:\rsit
2015-05-17 11:02 - 2015-05-17 11:02 - 01107968 _____ () C:\Documents and Settings\OEM\Plocha\RSIT.exe
2015-05-17 10:59 - 2015-05-17 10:59 - 01146368 _____ (Farbar) C:\Documents and Settings\OEM\Plocha\FRST.exe
2015-05-17 10:33 - 2008-04-14 05:21 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidserv.dll
2015-05-14 15:24 - 2015-05-14 15:24 - 00329808 _____ () C:\Documents and Settings\OEM\Plocha\Nový seznam (2).gpx
2015-05-14 15:19 - 2015-05-14 15:18 - 00317627 _____ () C:\Documents and Settings\OEM\Plocha\1431609535.gpx
2015-05-13 19:01 - 2015-05-13 19:01 - 00127725 _____ () C:\Documents and Settings\OEM\Plocha\gutenberg_cesty.gpx
2015-05-12 22:34 - 2015-05-12 22:33 - 00047052 _____ () C:\Documents and Settings\OEM\Plocha\1431462820.gpx
2015-04-25 20:34 - 2015-04-25 20:33 - 00291312 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-04-25 20:33 - 2015-04-25 20:33 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-04-22 22:48 - 2015-04-22 22:48 - 00000110 ____H () C:\Documents and Settings\OEM\Plocha\Beze jména.jpg.uid-zps

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-18 21:07 - 2013-04-29 22:18 - 00000000 ____D () C:\Documents and Settings\OEM\Local Settings\temp
2015-05-18 21:07 - 2007-01-25 18:28 - 00000000 ____D () C:\Documents and Settings\OEM\Plocha
2015-05-18 21:06 - 2007-01-25 18:28 - 00000000 ___HD () C:\Documents and Settings\OEM\Local Settings\Data aplikací
2015-05-18 20:59 - 2012-07-17 19:24 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-05-18 20:57 - 2012-02-26 14:21 - 00000462 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{C7D214DC-E866-4802-B74B-5104EE5238C7}.job
2015-05-18 20:56 - 2008-12-28 16:28 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2015-05-18 20:55 - 2007-01-27 10:50 - 00000000 ____D () C:\Documents and Settings\OEM\Data aplikací\Skype
2015-05-18 20:54 - 2012-05-01 09:13 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-18 20:54 - 2007-01-25 19:11 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2015-05-18 20:54 - 2007-01-25 19:11 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-05-18 20:54 - 2007-01-25 18:27 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-18 20:53 - 2013-04-29 22:20 - 01120738 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-18 20:53 - 2012-02-04 10:18 - 00262144 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2015-05-18 20:53 - 2007-01-25 18:28 - 00000272 ___SH () C:\Documents and Settings\OEM\ntuser.ini
2015-05-18 20:53 - 2007-01-25 18:27 - 00032488 _____ () C:\WINDOWS\SchedLgU.Txt
2015-05-18 20:52 - 2012-05-01 09:13 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-18 20:52 - 2007-01-25 18:28 - 00000000 __RHD () C:\Documents and Settings\OEM\Data aplikací
2015-05-18 20:52 - 2007-01-25 18:28 - 00000000 ____D () C:\Documents and Settings\OEM
2015-05-18 20:50 - 2007-01-25 19:08 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-05-18 20:39 - 2004-08-18 14:00 - 00001230 _____ () C:\WINDOWS\system32\wpa.dbl
2015-05-17 12:14 - 2013-10-21 13:09 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-17 11:14 - 2012-06-27 17:38 - 00778416 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-05-17 11:14 - 2011-06-01 14:37 - 00142512 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-05-17 11:02 - 2012-02-05 07:55 - 00000000 ____D () C:\Program Files\trend micro
2015-05-17 10:52 - 2009-07-08 21:44 - 00000000 ____D () C:\WINDOWS\Minidump
2015-05-17 10:49 - 2012-02-04 12:07 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-17 10:49 - 2012-02-04 12:07 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2015-05-14 14:15 - 2007-01-25 18:28 - 00000000 ___RD () C:\Documents and Settings\OEM\Plocha\Obrázky
2015-05-14 13:52 - 2015-01-04 18:58 - 00000000 ___RD () C:\Documents and Settings\OEM\Plocha\geo 2015
2015-05-14 11:44 - 2014-08-04 20:07 - 00013251 _____ () C:\Documents and Settings\OEM\Plocha\Odkazy na vebové stránky.odt
2015-05-14 07:24 - 2013-05-17 19:24 - 00000000 _____ () C:\sparkraw.log
2015-05-10 21:21 - 2008-12-03 15:28 - 00183296 __SHC () C:\Documents and Settings\OEM\Dokumenty\Thumbs.db
2015-05-07 20:54 - 2007-01-25 19:09 - 01286794 ____C () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-06 19:43 - 2007-02-01 12:38 - 00000000 ___RD () C:\Documents and Settings\OEM\Plocha\NÁŠ DUM
2015-05-06 17:59 - 2015-02-02 15:42 - 00000000 ____D () C:\Documents and Settings\OEM\Plocha\Mapy pochodů
2015-05-03 20:17 - 2014-12-06 17:33 - 00000000 ___RD () C:\Documents and Settings\OEM\Plocha\geo 2014
2015-04-29 12:39 - 2007-01-25 19:19 - 00000000 __SHD () C:\Documents and Settings\OEM\UserData
2015-04-25 22:08 - 2011-01-12 23:42 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Nikon
2015-04-25 22:08 - 2011-01-12 22:59 - 00000000 ____D () C:\Program Files\Nikon
2015-04-25 22:08 - 2011-01-12 19:10 - 00000000 ____D () C:\Program Files\Common Files\Nikon
2015-04-25 22:08 - 2011-01-12 19:08 - 00000000 ___HC () C:\Documents and Settings\All Users\Data aplikací\PKP_DLdu.DAT
2015-04-25 22:08 - 2011-01-12 19:08 - 00000000 ____C () C:\Documents and Settings\OEM\Data aplikací\Hybrid Basic
2015-04-25 22:08 - 2007-01-25 19:08 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-04-25 22:03 - 2007-01-25 17:41 - 00000000 ___RD () C:\Documents and Settings\OEM\Plocha\Nepoužívané odkazy plochy
2015-04-25 20:34 - 2014-04-22 20:46 - 00024144 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-04-25 20:34 - 2013-03-05 22:44 - 00209048 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-04-25 20:34 - 2013-03-05 22:44 - 00074976 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-04-25 20:34 - 2013-03-05 22:44 - 00049904 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-04-25 20:34 - 2008-03-31 11:50 - 00427992 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-04-25 20:34 - 2007-01-26 09:33 - 00057888 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-04-25 20:34 - 2007-01-26 09:33 - 00055200 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-04-25 20:33 - 2011-05-08 09:41 - 00787760 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys

==================== Files in the root of some directories =======

2012-07-11 17:18 - 2012-07-11 17:18 - 0000000 ____C () C:\Program Files\GUM6F.tmp
2015-05-18 20:52 - 2015-05-18 20:52 - 6420480 _____ () C:\Program Files\GUT80.tmp
2008-05-04 21:36 - 2008-05-04 21:36 - 3467608 ____C (Uniblue ) C:\Program Files\registrybooster.exe
2008-05-18 15:29 - 2008-05-18 15:29 - 62043412 ____C (ZONER software ) C:\Program Files\zps10_cz.exe
2008-06-18 21:02 - 2008-06-18 21:02 - 6935517 ____C (ZONER software ) C:\Program Files\zps10_cz_patch_b14.exe
2011-01-12 19:08 - 2015-04-25 22:08 - 0000000 ____C () C:\Documents and Settings\OEM\Data aplikací\Hybrid Basic
2011-01-12 19:09 - 2015-03-17 14:10 - 0000000 ____C () C:\Documents and Settings\OEM\Data aplikací\Hybrid Morph
2011-01-12 22:59 - 2012-02-26 12:03 - 0000000 ____C () C:\Documents and Settings\OEM\Data aplikací\Image Units
2011-01-12 22:59 - 2012-02-26 12:03 - 0000000 ____C () C:\Documents and Settings\OEM\Data aplikací\Importer
2014-05-27 10:13 - 2014-05-27 10:54 - 0000104 ____C () C:\Documents and Settings\OEM\Data aplikací\MoZiLive.ini
2010-03-16 12:26 - 2010-04-23 01:21 - 0062482 ____C () C:\Documents and Settings\OEM\Data aplikací\preview.html
2012-06-30 23:11 - 2012-06-30 23:11 - 0000268 __RHC () C:\Documents and Settings\OEM\Data aplikací\Profiles
2012-06-30 23:11 - 2012-06-30 23:11 - 0000268 __RHC () C:\Documents and Settings\OEM\Data aplikací\Project Templates
2012-02-07 19:23 - 2012-02-07 19:58 - 11354112 ____C () C:\Documents and Settings\OEM\Data aplikací\Sandra.mdb
2007-05-08 12:43 - 2014-08-23 15:36 - 0068096 ____C () C:\Documents and Settings\OEM\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-16 19:49 - 2012-06-16 19:49 - 0000123 ____C () C:\Documents and Settings\OEM\Local Settings\Data aplikací\fusioncache.dat

Some content of TEMP:
====================
C:\Documents and Settings\OEM\Local Settings\temp\Quarantine.exe
C:\Documents and Settings\OEM\Local Settings\temp\SkypeSetup.exe
C:\Documents and Settings\OEM\Local Settings\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe
[2004-08-18 14:00] - [2008-04-14 05:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1




C:\WINDOWS\system32\winlogon.exe
[2004-08-18 14:00] - [2008-04-14 05:22] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea




C:\WINDOWS\system32\svchost.exe
[2004-08-18 14:00] - [2008-04-14 05:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93




C:\WINDOWS\system32\services.exe
[2004-08-18 14:00] - [2009-02-09 13:18] - 0111104 ____A (Microsoft Corporation) 3d107d45ccfdb266e91d84b52cd7f430




C:\WINDOWS\system32\User32.dll
[2004-08-18 14:00] - [2008-04-14 05:22] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53




C:\WINDOWS\system32\userinit.exe
[2004-08-18 14:00] - [2008-04-14 05:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239




C:\WINDOWS\system32\rpcss.dll
[2004-08-18 14:00] - [2009-02-09 12:59] - 0401408 ____A (Microsoft Corporation) c0bd34a62508ba68f146e22ce45919f9




ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2004-08-18 14:00] - [2008-04-14 04:12] - 0052480 ___AC (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1








===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:931.51 GB) (Free:596.92 GB) NTFS ==>[Drive with boot components (Windows XP)]

Available physical RAM: 2758.37 MB
Total physical RAM: 3327.1 MB
Percentage of memory in use: 17%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 931.5 GB) (Disk ID: 09DFEB08)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{C7D214DC-E866-4802-B74B-5104EE5238C7}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:373E1720

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\OEM\Plocha" je 203687 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2012.SP2\\RpcAgentSrv.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2012.SP2\\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2012.SP2\\WNt500x86\\RpcSandraSrv.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2012.SP2\\WNt500x86\\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\\totalcmd\\TOTALCMD.EXE"="C:\\totalcmd\\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Program Files\\Zoner\\Photo Studio 17\\Program32\\MediaServer.exe"="C:\\Program Files\\Zoner\\Photo Studio 17\\Program32\\MediaServer.exe:*:Enabled:Zoner Media Server 17"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\WINDOWS\\network diagnostic\\xpnetdiag.exe"="C:\\WINDOWS\\network diagnostic\\xpnetdiag.exe:*:Enabled:Network Diagnostic for Windows XP"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"
"5985:TCP"="5985:TCP:*:Disabled:Vzdlen sprva systmu Windows "


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================


A log Addition:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-05-2015 02
Ran by OEM at 2015-05-18 21:08:32
Running from C:\Documents and Settings\OEM\Plocha
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-583907252-1390067357-1177238915-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-583907252-1390067357-1177238915-1006 - Limited - Enabled)
Guest (S-1-5-21-583907252-1390067357-1177238915-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-583907252-1390067357-1177238915-1000 - Limited - Disabled)
OEM (S-1-5-21-583907252-1390067357-1177238915-1004 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\OEM
SUPPORT_388945a0 (S-1-5-21-583907252-1390067357-1177238915-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader 9.5.4 - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-A95000000001}) (Version: 9.5.4 - Adobe Systems Incorporated)
Aktualizace systému Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB911564) (Version: - Microsoft Corporation) Hidden
Aktualizace zabezpečení aplikace Windows Media Player 6.4 (KB925398) (HKLM\...\KB925398_WMP64) (Version: - Microsoft Corporation)
Aktualizace zabezpečení produktu Windows XP (KB923689) (HKLM\...\KB923689) (Version: - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB938127) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB944533) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB950759) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB953838) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB956390) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB958215) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB960714) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB961260) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB963027) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB969897) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation)
AMD Catalyst Install Manager (HKLM\...\{B293548D-735F-1F86-1C9C-1A56B8928FEE}) (Version: 8.0.873.0 - Advanced Micro Devices, Inc.)
ArcSoft Panorama Maker 5 (HKLM\...\{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}) (Version: 5.0.1.25 - ArcSoft)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.2.2218 - AVAST Software)
Balíček zprostředkovatele služby Microsoft Base Smart Card Cryptographic Service (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Canon MP Drivers 7.0 (HKLM\...\{D335AC77-6F59-46D6-9082-F74A9F7E0FC3}) (Version: - )
Canon MP Navigator 1.1 (HKLM\...\{8653730A-683D-4C42-BB18-6471291D5DEA}) (Version: - )
Canon ScanGear Starter (HKLM\...\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}) (Version: - )
Canon Utilities Easy-PhotoPrint (HKLM\...\Easy-PhotoPrint) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
CDex extraction audio (HKLM\...\CDex) (Version: - )
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink)
EasyGPS 4.93.0.0 (HKLM\...\EasyGPS_is1) (Version: 4.93.0.0 - TopoGrafix)
File Uploader (HKLM\...\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}) (Version: 1.2.5 - Nikon)
Garmin BaseCamp (HKLM\...\{EBAC8FD4-28EC-46F7-BF9E-89D6E6673001}) (Version: 4.2.5 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin MapSource (HKLM\...\{68C17A81-81E1-458C-8555-3131C4D7A8DF}) (Version: 6.16.1 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{00FE2935-FB56-4410-AB5F-D6E70C1771D2}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Griddlers Deluxe 2007 (HKLM\...\Griddlers Deluxe_is1) (Version: - V. Kasyan)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: - )
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
KeyNote 1.6.5 (HKLM\...\KeyNote_is1) (Version: - )
Kurso de Esperanto 4 (HKLM\...\{021F206C-3243-420E-9F0B-82639583E425}_is1) (Version: 4.1.2 - Esperanto)
Media Converter for Philips (HKLM\...\{7CDA2B02-E0A4-4EB5-8533-050D535BA43A}) (Version: - ArcSoft)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Czech Language Pack (HKLM\...\{5E65E94D-69F2-4850-9E93-6459C53A0F50}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2656353) (HKLM\...\M2656353) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2656370) (HKLM\...\M2656370) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY (HKLM\...\{A2C9CD1B-2551-3AED-B244-6698FB929FA6}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY (HKLM\...\{546C143E-68DC-314D-97BC-1E454E3BA429}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office XP Professional s aplikací FrontPage (HKLM\...\{90280405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MoZiLive 1.2.5.4 (HKLM\...\{D1464D57-8585-4CE1-B219-D977157E530E}_is1) (Version: 1.2.5.4 - KlaMa)
Mozilla Firefox 20.0 (x86 cs) (HKLM\...\Mozilla Firefox 20.0 (x86 cs)) (Version: 20.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 20.0 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6.0 Parser (HKLM\...\{AEB9948B-4FF2-47C9-990E-47014492A0FE}) (Version: 6.00.3883.8 - Microsoft Corporation)
MyGC (HKLM\...\{9F978B29-E3F5-47A5-9319-07AC35C925E6}) (Version: 0.3.4.34 - MyGC)
Nero 6 Ultra Edition (HKLM\...\Nero - Burning Rom!UninstallKey) (Version: - )
OLYMPUS Master (HKLM\...\InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}) (Version: 1.00.8000 - OLYMPUS IMAGING CORP.)
OLYMPUS Master (Version: 1.00.8000 - OLYMPUS IMAGING CORP.) Hidden
OLYMPUS Master 2 (HKLM\...\{F958F15A-4CE2-44E7-8179-97BBDCAF401A}) (Version: 1.0.1 - OLYMPUS IMAGING CORP.)
OmniPage SE 2.0 (HKLM\...\{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}) (Version: 2.00.0004 - ScanSoft, Inc.)
OpenOffice 4.0.1 (HKLM\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
Oprava Hotfix systému Windows Internet Explorer 7 (KB947864) (Version: 1 - Microsoft Corporation) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.1 - Nikon)
QuickTime (HKLM\...\{E0D51394-1D45-460A-B62D-383BC4F8B335}) (Version: 7.3.1.70 - Apple Inc.)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.23 - Realtek Semiconductor Corp.)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.25.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6069 - Realtek Semiconductor Corp.)
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Samsung CLP-300 Series (HKLM\...\Samsung CLP-300 Series) (Version: - )
SiSoftware Sandra Lite 2012.SP2 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 18.30.2012.2 - SiSoftware)
Skype™ 7.3 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Slovakia TOPO v2 (HKLM\...\{A1E15B5F-E414-4595-A1B5-94A2F07EF9CB}) (Version: 2.00 - CONAN s.r.o.)
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - )
TOPO Czech 3.1 PRO (HKLM\...\{4F50C25D-9236-42EE-86A4-F0BC39A543AE}) (Version: 3.10 - Picodas Praha, spol. s r.o.)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
VBA (2720) (Version: 6.01.00.1234 - Microsoft Corporation) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031517 - Microsoft Corporation)
Wocarson Windows Genuine Advantage Validation v1.9.40.0 Cracked V2 (HKLM\...\{E108ADB5-8B3E-427D-A945-EAA2FCE68913}) (Version: 1.9.40.0 - Wocarson)
Xerox Phaser 3010 (HKLM\...\InstallShield_{3402F837-F1CC-4A02-B554-D02C96D43C5F}) (Version: 1.003.00 - Xerox)
Xerox Phaser 3010 (Version: 1.003.00 - Xerox) Hidden
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden
Zoner Photo Map - ČR 1:100 000 (HKLM\...\Zoner Photo Map - ČR 1:100 000_is1) (Version: - ZONER software)
Zoner Photo Studio 10 (HKLM\...\ZonerPhotoStudio10_CZ_is1) (Version: - ZONER software)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.8 - ZONER software)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.9 - ZONER software)
ZTE Drivers (HKLM\...\{ACC9984D-E78B-4fcd-BE44-4E3F186DDA33}) (Version: 1.2059.0.12 - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

18-02-2015 16:56:36 Kontrolní bod systému
19-02-2015 17:43:09 Kontrolní bod systému
20-02-2015 18:37:15 Kontrolní bod systému
22-02-2015 14:40:29 Kontrolní bod systému
24-02-2015 11:22:47 Kontrolní bod systému
25-02-2015 13:00:08 Kontrolní bod systému
26-02-2015 13:14:05 Kontrolní bod systému
27-02-2015 14:31:13 Kontrolní bod systému
01-03-2015 18:45:35 Kontrolní bod systému
03-03-2015 21:48:51 Kontrolní bod systému
08-03-2015 11:10:53 Kontrolní bod systému
12-03-2015 20:54:52 Kontrolní bod systému
14-03-2015 22:19:40 Kontrolní bod systému
16-03-2015 14:53:44 Kontrolní bod systému
17-03-2015 14:10:29 Removed ViewNX
28-03-2015 21:37:17 Kontrolní bod systému
30-03-2015 13:59:43 Kontrolní bod systému
01-04-2015 18:08:10 Kontrolní bod systému
02-04-2015 19:31:43 Kontrolní bod systému
05-04-2015 19:54:53 Kontrolní bod systému
06-04-2015 20:18:34 Kontrolní bod systému
08-04-2015 14:08:19 Kontrolní bod systému
11-04-2015 17:17:37 Kontrolní bod systému
13-04-2015 13:48:50 Kontrolní bod systému
14-04-2015 16:12:28 Kontrolní bod systému
17-04-2015 18:35:31 Kontrolní bod systému
21-04-2015 13:07:51 Kontrolní bod systému
22-04-2015 13:18:31 Kontrolní bod systému
25-04-2015 20:32:41 avast! antivirus system restore point
25-04-2015 22:05:53 Removed Nikon File Uploader 2.
25-04-2015 22:06:43 Removed Nikon Message Center
25-04-2015 22:07:28 Removed Nikon Message Center 2.
25-04-2015 22:08:24 Removed Nikon Transfer
27-04-2015 13:35:38 Kontrolní bod systému
29-04-2015 16:46:32 Kontrolní bod systému
01-05-2015 18:28:38 Kontrolní bod systému
02-05-2015 18:58:00 Kontrolní bod systému
04-05-2015 10:24:36 Kontrolní bod systému
05-05-2015 15:52:00 Kontrolní bod systému
06-05-2015 16:11:33 Kontrolní bod systému
07-05-2015 16:27:05 Kontrolní bod systému
08-05-2015 20:05:24 Kontrolní bod systému
10-05-2015 20:56:15 Kontrolní bod systému
13-05-2015 21:42:45 Kontrolní bod systému
17-05-2015 10:05:24 Instalace nepodepsaného ovladače
17-05-2015 10:25:59 Instalace nepodepsaného ovladače
17-05-2015 10:30:25 Aktualizovat na nepodepsaný ovladač
17-05-2015 10:33:40 Aktualizovat na nepodepsaný ovladač
17-05-2015 10:35:19 Aktualizovat na nepodepsaný ovladač
17-05-2015 10:43:11 Removed Search App by Ask
17-05-2015 11:11:03 Instalace nepodepsaného ovladače
17-05-2015 11:30:00 Aktualizovat na nepodepsaný ovladač
17-05-2015 11:30:49 Aktualizovat na nepodepsaný ovladač
17-05-2015 11:31:36 Aktualizovat na nepodepsaný ovladač
17-05-2015 11:33:15 Instalace nepodepsaného ovladače
17-05-2015 11:35:35 Aktualizovat na nepodepsaný ovladač
17-05-2015 11:36:35 Instalace nepodepsaného ovladače
17-05-2015 11:37:48 Instalace nepodepsaného ovladače

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-18 14:00 - 2013-04-29 22:20 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{C7D214DC-E866-4802-B74B-5104EE5238C7}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (Whitelisted) ==============

2013-05-13 12:26 - 2012-03-03 23:05 - 00060416 _____ () C:\WINDOWS\system32\antiwpa.dll
2015-04-25 20:33 - 2015-04-25 20:33 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-25 20:33 - 2015-04-25 20:33 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-18 20:42 - 2015-05-18 20:42 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15051801\algo.dll
2011-03-31 07:47 - 2011-03-31 07:47 - 00019456 _____ () C:\WINDOWS\system32\xrhr1alm.dll
2008-05-29 12:05 - 2006-06-07 13:25 - 00507904 _____ () C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe
2015-03-14 19:16 - 2015-04-25 20:34 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2004-05-19 15:27 - 2004-05-19 15:27 - 00008192 _____ () C:\Program Files\PDF\pdfSaver\fm30xmf.dll
2015-03-27 22:47 - 2014-09-09 13:30 - 00603648 _____ () C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2011-04-19 08:58 - 2011-04-19 08:58 - 00215552 _____ () C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe
2011-04-19 08:58 - 2011-04-19 08:58 - 00209408 _____ () C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe
2010-03-16 12:22 - 2010-03-16 12:22 - 00014848 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
2012-04-05 21:53 - 2012-04-05 21:53 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-04-19 08:58 - 2011-04-19 08:58 - 00079872 _____ () C:\Program Files\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:373E1720

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-583907252-1390067357-1177238915-1004\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz
IE trusted site: HKU\S-1-5-21-583907252-1390067357-1177238915-1004\...\mojeplatba.cz -> hxxps://www.mojeplatba.cz


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-583907252-1390067357-1177238915-1004\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\OEM\Plocha\Obrázky\Picasa\Pozadí\picasabackground.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

StandardProfile\AuthorizedApplications: [C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\RpcAgentSrv.exe] => Enabled:SiSoftware Deployment Agent Service
StandardProfile\AuthorizedApplications: [C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\WNt500x86\RpcSandraSrv.exe] => Enabled:SiSoftware Sandra Agent Service
StandardProfile\AuthorizedApplications: [C:\totalcmd\TOTALCMD.EXE] => Enabled:Total Commander 32 bit
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe] => Enabled:Zoner Media Server 17
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\WINDOWS\network diagnostic\xpnetdiag.exe] => Enabled:Network Diagnostic for Windows XP
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [5985:TCP] => Disabled:Vzdálená správa systému Windows

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/18/2015 08:56:03 PM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/18/2015 08:41:02 PM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/17/2015 11:28:28 AM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/17/2015 11:09:26 AM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/17/2015 10:39:57 AM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/17/2015 10:28:46 AM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/17/2015 10:24:06 AM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/17/2015 10:21:33 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll (2460) SUS20ClientDataStore: Úložiště verzí pro tuto instanci (0) dosáhlo maximální velikosti 8 MB. Pravděpodobně došlo k tomu, že dlouhotrvající transakce zabraňuje vyčištění úložiště verzí a způsobuje jeho narůstání. Aktualizace budou odmítány, dokud nebude dlouhotrvající transakce potvrzena nebo vrácena zpět.

Možná dlouhotrvající transakce:

SessionId: 0x026D0320

Session-context: 0x00000000

Session-context ThreadId: 0x000009A0

Error: (05/17/2015 10:17:49 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll (2460) SUS20ClientDataStore: Úložiště verzí pro tuto instanci (0) dosáhlo maximální velikosti 8 MB. Pravděpodobně došlo k tomu, že dlouhotrvající transakce zabraňuje vyčištění úložiště verzí a způsobuje jeho narůstání. Aktualizace budou odmítány, dokud nebude dlouhotrvající transakce potvrzena nebo vrácena zpět.

Možná dlouhotrvající transakce:

SessionId: 0x026D0320

Session-context: 0x00000000

Session-context ThreadId: 0x000009A0

Error: (05/17/2015 10:11:09 AM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.


System errors:
=============
Error: (05/18/2015 08:54:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%20

Error: (05/18/2015 08:54:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ovladač paralelního portu neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (05/18/2015 08:52:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba Google Update (gupdate) byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/18/2015 08:50:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/18/2015 08:50:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba XRcnStatutsDatabase byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/18/2015 08:50:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ArcSoft Connect Daemon byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/18/2015 08:50:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Zařazování tisku byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/18/2015 08:50:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Ati HotKey Poller byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/18/2015 08:39:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%20

Error: (05/18/2015 08:39:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ovladač paralelního portu neuspěla při spuštění v důsledku následující chyby:
%%1058


Microsoft Office Sessions:
=========================
Error: (05/18/2015 08:56:03 PM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/18/2015 08:41:02 PM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/17/2015 11:28:28 AM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/17/2015 11:09:26 AM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/17/2015 10:39:57 AM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/17/2015 10:28:46 AM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/17/2015 10:24:06 AM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/17/2015 10:21:33 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll2460SUS20ClientDataStore: 080x026D03200x000000000x000009A0

Error: (05/17/2015 10:17:49 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll2460SUS20ClientDataStore: 080x026D03200x000000000x000009A0

Error: (05/17/2015 10:11:09 AM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.


==================== Memory info ===========================

Processor: AMD Athlon(tm) II X2 250 Processor
Percentage of memory in use: 17%
Total physical RAM: 3327.1 MB
Available physical RAM: 2758.37 MB
Total Pagefile: 3836.69 MB
Available Pagefile: 3418.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1930.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.51 GB) (Free:596.92 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 09DFEB08)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Zpomalené PC

#6 Příspěvek od altrok »

:arrow: Je operacni system legalni?

:arrow: Velikost plochy by nemela presahovat 200 MB. Zpomaluje se pak start i samotny chod celeho PC. Doporucuji hlavne velke soubory a slozky premistit napr. do Dokumentu a na plochu umistit pouze zastupce.


  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-583907252-1390067357-1177238915-1004\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-04-02] (ZONER software)
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-583907252-1390067357-1177238915-1004\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-583907252-1390067357-1177238915-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
URLSearchHook: HKU\S-1-5-21-583907252-1390067357-1177238915-1004 - (No Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-583907252-1390067357-1177238915-1004 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = 
FF HKLM\...\Firefox\Extensions: [4zffxtbr@VideoDownloadConverter_4z.com] - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin
CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"

S3 cmuda; system32\drivers\cmuda.sys [X]
S3 cpuz130; \??\C:\DOCUME~1\OEM\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [X]
S4 IntelIde; No ImagePath
S3 MSICDSetup; \??\D:\CDriver.sys [X]
U3 TlntSvr; No ImagePath
U3 TrueSight; \??\C:\WINDOWS\system32\drivers\TrueSight.sys [X]

2015-05-18 21:05 - 2015-05-18 21:05 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\OEM\Plocha\FRSTLauncher.exe
2015-05-18 20:52 - 2015-05-18 20:52 - 06420480 _____ () C:\Program Files\GUT80.tmp
2015-05-18 20:52 - 2015-05-18 20:52 - 00000000 ____D () C:\Program Files\GUM7F.tmp
2015-05-18 20:46 - 2015-05-18 20:52 - 00000000 ____D () C:\AdwCleaner
2015-05-18 20:44 - 2015-05-18 20:43 - 02209792 _____ () C:\Documents and Settings\OEM\Plocha\adwcleaner_4.204.exe
2015-05-17 11:08 - 2015-05-18 20:54 - 00078929 _____ () C:\WINDOWS\setupapi.log
2015-05-17 11:02 - 2015-05-17 11:03 - 00000000 ____D () C:\rsit
2015-05-17 11:02 - 2015-05-17 11:02 - 01107968 _____ () C:\Documents and Settings\OEM\Plocha\RSIT.exe
2015-05-17 11:02 - 2012-02-05 07:55 - 00000000 ____D () C:\Program Files\trend micro
2012-07-11 17:18 - 2012-07-11 17:18 - 0000000 ____C () C:\Program Files\GUM6F.tmp
2015-05-18 20:52 - 2015-05-18 20:52 - 6420480 _____ () C:\Program Files\GUT80.tmp
2008-05-04 21:36 - 2008-05-04 21:36 - 3467608 ____C (Uniblue ) C:\Program Files\registrybooster.exe
CMD: del "C:\Program Files\G*.tmp"

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:373E1720
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [5985:TCP] => Disabled:Vzdálená správa systému Windows 
Hosts:
EmptyTemp:
End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
RomanL2
Návštěvník
Návštěvník
Příspěvky: 250
Registrován: 12 kvě 2009 11:38

Re: Zpomalené PC

#7 Příspěvek od RomanL2 »

OS by měl být legální, je to PC paní sousedky a vím, že má OEM licenci na W XP Home koupenou. Na bedně od PC je i štítek s licenčním číslem. Pokud něco není v pořádku, bude to práce jejích synovců, už jsem po nich nějaké nepořádky uklízel.
Složky z plochy přesunu do Dokumentů.

Zde výpis fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 16-05-2015 02
Ran by OEM at 2015-05-18 21:45:55 Run:1
Running from C:\Documents and Settings\OEM\Plocha
Loaded Profiles: OEM (Available profiles: OEM & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-583907252-1390067357-1177238915-1004\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-04-02] (ZONER software)
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-583907252-1390067357-1177238915-1004\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-583907252-1390067357-1177238915-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
URLSearchHook: HKU\S-1-5-21-583907252-1390067357-1177238915-1004 - (No Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-583907252-1390067357-1177238915-1004 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL =
FF HKLM\...\Firefox\Extensions: [4zffxtbr@VideoDownloadConverter_4z.com] - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin
CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"

S3 cmuda; system32\drivers\cmuda.sys [X]
S3 cpuz130; \??\C:\DOCUME~1\OEM\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [X]
S4 IntelIde; No ImagePath
S3 MSICDSetup; \??\D:\CDriver.sys [X]
U3 TlntSvr; No ImagePath
U3 TrueSight; \??\C:\WINDOWS\system32\drivers\TrueSight.sys [X]

2015-05-18 21:05 - 2015-05-18 21:05 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\OEM\Plocha\FRSTLauncher.exe
2015-05-18 20:52 - 2015-05-18 20:52 - 06420480 _____ () C:\Program Files\GUT80.tmp
2015-05-18 20:52 - 2015-05-18 20:52 - 00000000 ____D () C:\Program Files\GUM7F.tmp
2015-05-18 20:46 - 2015-05-18 20:52 - 00000000 ____D () C:\AdwCleaner
2015-05-18 20:44 - 2015-05-18 20:43 - 02209792 _____ () C:\Documents and Settings\OEM\Plocha\adwcleaner_4.204.exe
2015-05-17 11:08 - 2015-05-18 20:54 - 00078929 _____ () C:\WINDOWS\setupapi.log
2015-05-17 11:02 - 2015-05-17 11:03 - 00000000 ____D () C:\rsit
2015-05-17 11:02 - 2015-05-17 11:02 - 01107968 _____ () C:\Documents and Settings\OEM\Plocha\RSIT.exe
2015-05-17 11:02 - 2012-02-05 07:55 - 00000000 ____D () C:\Program Files\trend micro
2012-07-11 17:18 - 2012-07-11 17:18 - 0000000 ____C () C:\Program Files\GUM6F.tmp
2015-05-18 20:52 - 2015-05-18 20:52 - 6420480 _____ () C:\Program Files\GUT80.tmp
2008-05-04 21:36 - 2008-05-04 21:36 - 3467608 ____C (Uniblue ) C:\Program Files\registrybooster.exe
CMD: del "C:\Program Files\G*.tmp"

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:373E1720
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [5985:TCP] => Disabled:Vzdálená správa systému Windows
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck => value deleted successfully.
HKU\S-1-5-21-583907252-1390067357-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jumpflip" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-583907252-1390067357-1177238915-1004\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-583907252-1390067357-1177238915-1004\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-583907252-1390067357-1177238915-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{93a3111f-4f74-4ed8-895e-d9708497629e} => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-583907252-1390067357-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}" => Key deleted successfully.
HKCR\CLSID\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} => Key not found.
HKLM\Software\Mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com => value deleted successfully.
Chrome StartupUrls deleted successfully.
cmuda => Service deleted successfully.
cpuz130 => Service deleted successfully.
IntelIde => Service deleted successfully.
MSICDSetup => Service deleted successfully.
TlntSvr => Service deleted successfully.
TrueSight => Service deleted successfully.
C:\Documents and Settings\OEM\Plocha\FRSTLauncher.exe => Moved successfully.
C:\Program Files\GUT80.tmp => Moved successfully.
C:\Program Files\GUM7F.tmp => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Documents and Settings\OEM\Plocha\adwcleaner_4.204.exe => Moved successfully.
C:\WINDOWS\setupapi.log => Moved successfully.
C:\rsit => Moved successfully.
C:\Documents and Settings\OEM\Plocha\RSIT.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Program Files\GUM6F.tmp => Moved successfully.
"C:\Program Files\GUT80.tmp" => File/Directory not found.
C:\Program Files\registrybooster.exe => Moved successfully.

========= del "C:\Program Files\G*.tmp" =========


========= End of CMD: =========

C:\Documents and Settings\All Users\Data aplikací\TEMP => ":373E1720" ADS removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5985:TCP => value deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 285.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog 21:46:22 ====
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Zpomalené PC

#8 Příspěvek od altrok »

Slozky a velke soubory presunte a na plochu umistete jen zastupce.

Otestujte, jak se pocitac chova, zda nastalo zlepseni nebo pozorujete nejake problemy.

  • Stahnete Crystal Disk Info (CDI) http://sourceforge.jp/frs/redir.php?m=j ... o6_2_2.zip
  • archiv extrahujte a spustte vyextrahovany soubor DiskInfo.exe
  • ve spustenem programu kliknete nahore na Upravy -> Kopirovat (log mate nyni zkopirovany ve schrance)
  • log vlozte do dalsi odpovedi (Ctrl + V)
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
RomanL2
Návštěvník
Návštěvník
Příspěvky: 250
Registrován: 12 kvě 2009 11:38

Re: Zpomalené PC

#9 Příspěvek od RomanL2 »

PC se podle mne chová lépe, mám pocit, že bylo docela dost zaneřáděné, poslední kontrolu jsem dělal cca před 2 lety...
Zde log z Crystal Disk Info:
----------------------------------------------------------------------------
CrystalDiskInfo 6.2.2 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2015/05/18 22:20:46

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- Hitachi HDS721010DLE630
- Sekundární kanál IDE (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- TSSTcorp CD/DVDW SH-S182M
- Sekundární kanál IDE (1)

-- Disk List ---------------------------------------------------------------
(1) Hitachi HDS721010DLE630 : 1000,2 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) Hitachi HDS721010DLE630
----------------------------------------------------------------------------
Model : Hitachi HDS721010DLE630
Firmware : MS2OA5R0
Serial Number : MSK5215H0BXT6G
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 25956 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 3516 hod.
Power On Count : 742 krát
Temperature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _93 _93 _16 0000001B0009 Počet chyb čtení
02 136 136 _54 00000000005A Průchodnost disku
03 124 124 _24 000300B900B9 Čas na roztočení ploten
04 100 100 __0 0000000002F4 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 118 118 _20 000000000021 Čas potřebný na vyhledání
09 100 100 __0 000000000DBC Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 0000000002E6 Počet cyklů zapnutí zařízení
C0 100 100 __0 0000000002F5 Počet vypnutí disku
C1 100 100 __0 0000000002F5 Počet cyklů načítání/vymazání
C2 166 166 __0 002B000F0024 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 4D53 4B35 3231 3548 3042 5854 3647
020: 0003 CAC8 0038 4D53 324F 4135 5230 4869 7461 6368
030: 6920 4844 5337 3231 3031 3044 4C45 3633 3020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 170E 0004 005E 0040
080: 01FC 0029 746B 7D69 4773 7469 BC41 4763 407F 0054
090: 0000 0000 FFFE 0000 0000 0008 00CA 00F9 2710 0000
100: 6DB0 7470 0000 0000 00CA 0000 6003 5A87 5000 CCA3
110: 7CC5 6C1F 0000 0000 0000 0000 0000 0000 0000 409C
120: 409C 0000 0000 0000 0000 0000 0000 0000 0009 000B
130: 0000 0000 2180 0DF1 FA20 0001 4000 0404 0121 0000
140: 0000 040B 060A 0000 0000 0000 0000 0000 0000 0000
150: 0000 0005 324E 4235 0000 6802 0000 5DBD 84C8 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 103F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 03E0 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 B4A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 5D 5D 09 00 1B 00 00 00 00 02 05
010: 00 88 88 5A 00 00 00 00 00 00 03 07 00 7C 7C B9
020: 00 B9 00 03 00 00 04 12 00 64 64 F4 02 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 0B
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 76 76 21
050: 00 00 00 00 00 00 09 12 00 64 64 BC 0D 00 00 00
060: 00 00 0A 13 00 64 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 E6 02 00 00 00 00 00 C0 32 00 64 64 F5
080: 02 00 00 00 00 00 C1 12 00 64 64 F5 02 00 00 00
090: 00 00 C2 02 00 A6 A6 24 00 0F 00 2B 00 00 C4 32
0A0: 00 64 64 00 00 00 00 00 00 00 C5 22 00 64 64 00
0B0: 00 00 00 00 00 00 C6 08 00 64 64 00 00 00 00 00
0C0: 00 00 C7 0A 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 15 1E 01 5B
170: 03 00 01 00 01 81 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 29

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 10 00 00 00 00 00 00 00 00 00 00 02 36
010: 00 00 00 00 00 00 00 00 00 00 03 18 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 05 00 00 00 00 00 00 00 00 00 00 07 43
040: 00 00 00 00 00 00 00 00 00 00 08 14 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 3C 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 00
0A0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0B0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0C0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 64
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Zpomalené PC

#10 Příspěvek od altrok »

Takze jeste uklidime.
A pokud nejsou dotazy ci jine problemy, je to ode mne vse.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
RomanL2
Návštěvník
Návštěvník
Příspěvky: 250
Registrován: 12 kvě 2009 11:38

Re: Zpomalené PC

#11 Příspěvek od RomanL2 »

Děkujeme za pomoc, paní sousedka se nám zadarmo stará o papírování s barákem, a já se zase zadarmo starám o PC pro barák. Bohužel ti její synovci to občas docela zaplevelí, a už cca dva roky jsme prevetivku nedělali. Tak ještě jednou děkujeme.
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Zpomalené PC

#12 Příspěvek od altrok »

Jejim synovcum by prospela alespon ustni domluva, aby byli pouceni o hrozbach nejdesivejsiho malwaru soucasnosti - ransomwaru, ktery zasifruje temer vsechno, na co sahne a nasledne pozaduje vykupne. Kor na Win XP (rok od ukonceni podpory).

Nemate zac, rad jsem pomohl :worship:
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
Odpovědět

Zpět na „Preventivní kontroly logů“