
PC virus removal, computer speed-up, and remote help through the neslape.cz service
Clean-up
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
This time it's my PC... the browsers throw up ads and banners, and they are altogether somewhat slowed down.
Logfile of random's system information tool 1.09 (written by random/random)
Run by TonyX at 2013-09-08 00:03:46
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 19 GB (47%) free of 40 GB
Total RAM: 511 MB (17% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:04:57, on 8.9.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\zHotkey.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\TonyX\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\TonyX.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: CrossriderApp0035382 - {11111111-1111-1111-1111-110311531182} - C:\Program Files\hosts\hosts-bho.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: TrioBet - {12EF86C2-1F21-4D12-B328-518216D820F2} - C:\Microgaming\Poker\triobetMPP\MPPoker.exe (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: lmab_device - Unknown owner - C:\WINDOWS\system32\LMabcoms.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
--
End of file - 6861 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\na713kzb.default-1372335191562
"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npwachk.dll
C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\na713kzb.default-1372335191562\extensions\
05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}]
hosts - C:\Program Files\hosts\hosts-bho.dll [2013-09-07 748032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-05 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-05 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"=C:\WINDOWS\zHotkey.exe [2003-07-29 515584]
"ShowWnd"=C:\WINDOWS\ShowWnd.exe [2003-09-19 36864]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-08-17 90112]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2007-12-05 8523776]
"nwiz"=nwiz.exe /install []
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-04-21 281768]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2011-11-03 738944]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2011-11-09 73360]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"PnkBstrA"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\NHL gpc\Winamp\winamp.exe"="D:\NHL gpc\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\hry\FM 2010\fm.exe"="D:\hry\FM 2010\fm.exe:*:Enabled:Football Manager 2010"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Documents and Settings\TonyX\Plocha\xchat\xchat.exe"="C:\Documents and Settings\TonyX\Plocha\xchat\xchat.exe:*:Enabled:XChat IRC Client"
"D:\hry\NHL 2009\nhl2009.exe"="D:\hry\NHL 2009\nhl2009.exe:*:Enabled:nhl2009"
"C:\WINDOWS\system32\LMabcoms.exe"="C:\WINDOWS\system32\LMabcoms.exe:*:Enabled:Lexmark Enhanced TCP/IP"
"C:\Program Files\COMODO\Unite\Unite.exe"="C:\Program Files\COMODO\Unite\Unite.exe:*:Enabled:COMODO Unite"
"C:\Program Files\COMODO\Unite\EzVpnSvc.exe"="C:\Program Files\COMODO\Unite\EzVpnSvc.exe:*:Enabled:COMODO Unite"
"C:\Program Files\COMODO\Unite\crdphAppShare.exe"="C:\Program Files\COMODO\Unite\crdphAppShare.exe:*:Enabled:COMODO Unite"
"C:\Program Files\COMODO\Unite\crdphService.exe"="C:\Program Files\COMODO\Unite\crdphService.exe:*:Enabled:COMODO Unite"
"C:\Program Files\COMODO\Unite\UniteCAM.exe"="C:\Program Files\COMODO\Unite\UniteCAM.exe:*:Enabled:COMODO Unite"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Documents and Settings\TonyX\Data aplikací\uTorrent\uTorrent.exe"="C:\Documents and Settings\TonyX\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
======List of files/folders created in the last 1 month======
2013-09-08 00:03:46 ----D---- C:\rsit
2013-09-07 15:14:45 ----D---- C:\Documents and Settings\TonyX\Data aplikací\uTorrent
2013-09-07 15:08:57 ----D---- C:\Documents and Settings\TonyX\Data aplikací\DownLite
2013-09-07 15:07:27 ----D---- C:\Program Files\hosts
2013-08-30 18:03:15 ----D---- C:\Program Files\Czech Soccer Manager 2002 FE
2013-08-28 20:18:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$
2013-08-21 17:00:22 ----D---- C:\Poker
2013-08-18 17:29:25 ----D---- C:\Program Files\Mozilla Firefox
2013-08-14 18:35:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$
2013-08-14 18:34:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$
2013-08-14 18:34:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2863058$
2013-08-14 18:33:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2849470$
2013-08-11 13:18:15 ----D---- C:\Program Files\QupZilla
======List of files/folders modified in the last 1 month======
2013-09-08 00:04:56 ----D---- C:\Program Files\trend micro
2013-09-08 00:04:18 ----D---- C:\WINDOWS\Prefetch
2013-09-07 23:56:21 ----D---- C:\WINDOWS\Temp
2013-09-07 23:56:13 ----D---- C:\WINDOWS
2013-09-07 23:53:43 ----D---- C:\WINDOWS\system32\CatRoot2
2013-09-07 18:56:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-09-07 18:55:03 ----D---- C:\Documents and Settings\TonyX\Data aplikací\DAEMON Tools Lite
2013-09-07 16:06:38 ----D---- C:\WINDOWS\system32
2013-09-07 16:06:37 ----HD---- C:\WINDOWS\inf
2013-09-07 16:03:50 ----HD---- C:\Program Files\InstallShield Installation Information
2013-09-07 15:18:30 ----RD---- C:\Program Files
2013-09-06 23:13:07 ----D---- C:\Documents and Settings\TonyX\Data aplikací\TS3Client
2013-09-03 22:31:34 ----D---- C:\Documents and Settings\TonyX\Data aplikací\Microgaming
2013-09-03 22:28:52 ----D---- C:\Program Files\PokerStars
2013-08-28 20:18:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-08-21 16:04:55 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-08-20 18:20:25 ----D---- C:\Documents and Settings\TonyX\Data aplikací\Skype
2013-08-19 12:30:23 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-08-15 19:34:41 ----D---- C:\WINDOWS\Minidump
2013-08-15 19:34:41 ----D---- C:\WINDOWS\Debug
2013-08-14 19:17:50 ----RSD---- C:\WINDOWS\assembly
2013-08-14 19:17:50 ----D---- C:\WINDOWS\Microsoft.NET
2013-08-14 18:58:55 ----D---- C:\Program Files\Internet Explorer
2013-08-14 18:58:34 ----D---- C:\WINDOWS\ie8updates
2013-08-14 18:51:34 ----D---- C:\WINDOWS\system32\MRT
2013-08-14 18:50:35 ----A---- C:\WINDOWS\system32\MRT.exe
2013-08-14 18:50:05 ----SHD---- C:\WINDOWS\Installer
2013-08-14 18:50:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-08-14 18:40:42 ----D---- C:\WINDOWS\WinSxS
2013-08-14 18:40:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-10 00:39:00 ----D---- C:\Documents and Settings\TonyX\Data aplikací\Winamp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2011-07-04 138192]
R1 BIOS;BIOS; \??\C:\WINDOWS\System32\drivers\BIOS.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-02-22 242240]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 Vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2011-11-09 525840]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2011-07-04 66616]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-19 3644800]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-12-05 7435392]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2005-04-06 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2005-04-06 12928]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 ATP;Comodo Unite Miniport Driver; C:\WINDOWS\system32\DRIVERS\cmdatp.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2012-09-30 25280]
S3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376]
S3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys [2012-09-12 25088]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-07-04 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2011-11-03 497280]
R2 LicCtrlService;LicCtrl Service; C:\WINDOWS\runservice.exe [2013-05-25 2560]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2007-12-05 155716]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2011-11-09 2420616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 lmab_device;lmab_device; C:\WINDOWS\system32\LMabcoms.exe [2005-06-14 491520]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-18 117656]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-07-16 75136]
-----------------EOF-----------------
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npwachk.dll
C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\na713kzb.default-1372335191562\extensions\
05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}]
hosts - C:\Program Files\hosts\hosts-bho.dll [2013-09-07 748032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-05 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-05 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"=C:\WINDOWS\zHotkey.exe [2003-07-29 515584]
"ShowWnd"=C:\WINDOWS\ShowWnd.exe [2003-09-19 36864]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-08-17 90112]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2007-12-05 8523776]
"nwiz"=nwiz.exe /install []
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-04-21 281768]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2011-11-03 738944]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2011-11-09 73360]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"PnkBstrA"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\NHL gpc\Winamp\winamp.exe"="D:\NHL gpc\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\hry\FM 2010\fm.exe"="D:\hry\FM 2010\fm.exe:*:Enabled:Football Manager 2010"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Documents and Settings\TonyX\Plocha\xchat\xchat.exe"="C:\Documents and Settings\TonyX\Plocha\xchat\xchat.exe:*:Enabled:XChat IRC Client"
"D:\hry\NHL 2009\nhl2009.exe"="D:\hry\NHL 2009\nhl2009.exe:*:Enabled:nhl2009"
"C:\WINDOWS\system32\LMabcoms.exe"="C:\WINDOWS\system32\LMabcoms.exe:*:Enabled:Lexmark Enhanced TCP/IP"
"C:\Program Files\COMODO\Unite\Unite.exe"="C:\Program Files\COMODO\Unite\Unite.exe:*:Enabled:COMODO Unite"
"C:\Program Files\COMODO\Unite\EzVpnSvc.exe"="C:\Program Files\COMODO\Unite\EzVpnSvc.exe:*:Enabled:COMODO Unite"
"C:\Program Files\COMODO\Unite\crdphAppShare.exe"="C:\Program Files\COMODO\Unite\crdphAppShare.exe:*:Enabled:COMODO Unite"
"C:\Program Files\COMODO\Unite\crdphService.exe"="C:\Program Files\COMODO\Unite\crdphService.exe:*:Enabled:COMODO Unite"
"C:\Program Files\COMODO\Unite\UniteCAM.exe"="C:\Program Files\COMODO\Unite\UniteCAM.exe:*:Enabled:COMODO Unite"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Documents and Settings\TonyX\Data aplikací\uTorrent\uTorrent.exe"="C:\Documents and Settings\TonyX\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
======List of files/folders created in the last 1 month======
2013-09-08 00:03:46 ----D---- C:\rsit
2013-09-07 15:14:45 ----D---- C:\Documents and Settings\TonyX\Data aplikací\uTorrent
2013-09-07 15:08:57 ----D---- C:\Documents and Settings\TonyX\Data aplikací\DownLite
2013-09-07 15:07:27 ----D---- C:\Program Files\hosts
2013-08-30 18:03:15 ----D---- C:\Program Files\Czech Soccer Manager 2002 FE
2013-08-28 20:18:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$
2013-08-21 17:00:22 ----D---- C:\Poker
2013-08-18 17:29:25 ----D---- C:\Program Files\Mozilla Firefox
2013-08-14 18:35:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$
2013-08-14 18:34:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$
2013-08-14 18:34:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2863058$
2013-08-14 18:33:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2849470$
2013-08-11 13:18:15 ----D---- C:\Program Files\QupZilla
======List of files/folders modified in the last 1 month======
2013-09-08 00:04:56 ----D---- C:\Program Files\trend micro
2013-09-08 00:04:18 ----D---- C:\WINDOWS\Prefetch
2013-09-07 23:56:21 ----D---- C:\WINDOWS\Temp
2013-09-07 23:56:13 ----D---- C:\WINDOWS
2013-09-07 23:53:43 ----D---- C:\WINDOWS\system32\CatRoot2
2013-09-07 18:56:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-09-07 18:55:03 ----D---- C:\Documents and Settings\TonyX\Data aplikací\DAEMON Tools Lite
2013-09-07 16:06:38 ----D---- C:\WINDOWS\system32
2013-09-07 16:06:37 ----HD---- C:\WINDOWS\inf
2013-09-07 16:03:50 ----HD---- C:\Program Files\InstallShield Installation Information
2013-09-07 15:18:30 ----RD---- C:\Program Files
2013-09-06 23:13:07 ----D---- C:\Documents and Settings\TonyX\Data aplikací\TS3Client
2013-09-03 22:31:34 ----D---- C:\Documents and Settings\TonyX\Data aplikací\Microgaming
2013-09-03 22:28:52 ----D---- C:\Program Files\PokerStars
2013-08-28 20:18:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-08-21 16:04:55 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-08-20 18:20:25 ----D---- C:\Documents and Settings\TonyX\Data aplikací\Skype
2013-08-19 12:30:23 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-08-15 19:34:41 ----D---- C:\WINDOWS\Minidump
2013-08-15 19:34:41 ----D---- C:\WINDOWS\Debug
2013-08-14 19:17:50 ----RSD---- C:\WINDOWS\assembly
2013-08-14 19:17:50 ----D---- C:\WINDOWS\Microsoft.NET
2013-08-14 18:58:55 ----D---- C:\Program Files\Internet Explorer
2013-08-14 18:58:34 ----D---- C:\WINDOWS\ie8updates
2013-08-14 18:51:34 ----D---- C:\WINDOWS\system32\MRT
2013-08-14 18:50:35 ----A---- C:\WINDOWS\system32\MRT.exe
2013-08-14 18:50:05 ----SHD---- C:\WINDOWS\Installer
2013-08-14 18:50:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-08-14 18:40:42 ----D---- C:\WINDOWS\WinSxS
2013-08-14 18:40:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-10 00:39:00 ----D---- C:\Documents and Settings\TonyX\Data aplikací\Winamp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2011-07-04 138192]
R1 BIOS;BIOS; \??\C:\WINDOWS\System32\drivers\BIOS.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-02-22 242240]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 Vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2011-11-09 525840]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2011-07-04 66616]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-19 3644800]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-12-05 7435392]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2005-04-06 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2005-04-06 12928]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 ATP;Comodo Unite Miniport Driver; C:\WINDOWS\system32\DRIVERS\cmdatp.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2012-09-30 25280]
S3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376]
S3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys [2012-09-12 25088]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-07-04 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2011-11-03 497280]
R2 LicCtrlService;LicCtrl Service; C:\WINDOWS\runservice.exe [2013-05-25 2560]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2007-12-05 155716]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2011-11-09 2420616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 lmab_device;lmab_device; C:\WINDOWS\system32\LMabcoms.exe [2005-06-14 491520]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-18 117656]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-07-16 75136]
-----------------EOF-----------------
Re: precistit
Hello
With all due respect, you could at least greet us politely and ask nicely, rather than just shouting "precistit" ("clean up") here. Nobody here HAS TO help you; they only CAN. We are here for free and in our own spare time, so a bit of politeness and humility does no harm when one wants something.
Download Malwarebytes' Anti-Malware (MBAM for short) http://forum.viry.cz/viewtopic.php?f=29&t=115222
- Run the update
- Run a full scan - do not delete anything
- MBAM occasionally produces false detections, so paste the log into a post and wait for it to be assessed
Re: precistit
I apologize very much for my boorishness, but I came home after a 14-hour shift, so I'm surprised I'm even dealing with something like this today
...of course I'll be very glad if you take a look at it... the log will be here in a moment

Re: precistit



Re: precistit
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2013.09.07.06
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
TonyX :: COKOLAD [administrátor]
8.9.2013 11:27:48
MBAM-log-2013-09-08 (13-04-17).txt
Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 293558
Uplynulý čas: 1 hodin, 32 minut, 58 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 11
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Optional.IBryte) -> Nebyla provedena žádná instrukce.
HKCR\CrossriderApp0035382.BHO (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
HKCR\CrossriderApp0035382.BHO.1 (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
HKCR\CrossriderApp0035382.Sandbox (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
HKCR\CrossriderApp0035382.Sandbox.1 (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\Cr_Installer\35382 (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\CROSSRIDER (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182} (PUP.Optional.CrossRider) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{11111111-1111-1111-1111-110311531182} (PUP.Optional.CrossRider) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{44444444-4444-4444-4444-440344534482} (PUP.Optional.CrossRider) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{55555555-5555-5555-5555-550355535582} (PUP.Optional.CrossRider) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 1
HKCU\Software\Crossrider|Verifier (PUP.Optional.CrossRider.A) -> Data: 1ed5402d05a2ba622e1b8381b926a05f -> Nebyla provedena žádná instrukce.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 2
C:\Documents and Settings\TonyX\Dokumenty\Downloads\setup.exe (PUP.Optional.IBryte) -> Nebyla provedena žádná instrukce.
C:\Program Files\hosts\hosts-bho.dll (PUP.Optional.CrossRider) -> Nebyla provedena žádná instrukce.
(konec)
Re: precistit


Re: precistit
Deleted, and I can't find the log, but it looks like it was removed correctly, since those ads and banners no longer show up
FRSTL
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-09-2013
Ran by TonyX (administrator) on COKOLAD on 08-09-2013 22:56:59
Running from C:\Documents and Settings\TonyX\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
(Chicony) C:\WINDOWS\zHotkey.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
() C:\WINDOWS\runservice.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvsvc32.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\TonyX\Dokumenty\Downloads\FRSTLauncher.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
(Microsoft Corporation) C:\WINDOWS\system32\ping.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [CHotkey] - C:\Windows\zHotkey.exe [515584 2003-07-29] (Chicony)
HKLM\...\Run: [ShowWnd] - C:\Windows\ShowWnd.exe [36864 2003-09-19] ()
HKLM\...\Run: [SoundMan] - C:\Windows\SOUNDMAN.EXE [90112 2005-08-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768 2011-04-21] (Avira GmbH)
HKLM\...\Run: [ISW] - C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [738944 2011-11-03] (Check Point Software Technologies)
HKLM\...\Run: [ZoneAlarm] - C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [73360 2011-11-09] (Check Point Software Technologies LTD)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKCU -&Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\System32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU -&Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU -ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\na713kzb.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @checkpoint.com/FFApi - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF Extension: ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Winamp Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Comodo Rdp View Plugin for FireFox) - C:\Program Files\COMODO\Unite\NpRdpView.dll No File
CHR Plugin: (Comodo Vnc View Plugin for FireFox) - C:\Program Files\COMODO\Unite\NpVncView.dll No File
CHR Plugin: (ComodoLVN) - C:\Program Files\COMODO\Unite\npEasyVpnLVN.dll No File
CHR Plugin: (npFFApi) - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\DOCUME~1\TonyX\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\TonyX\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\DOCUME~1\TonyX\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Gmail) - C:\DOCUME~1\TonyX\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\DOCUME~1\TonyX\LOCALS~1\Temp\ccex.crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360 2011-04-21] (Avira GmbH)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480 2011-07-04] (Avira GmbH)
R2 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [497280 2011-11-03] (Check Point Software Technologies)
R2 LicCtrlService; C:\WINDOWS\runservice.exe [2560 2013-05-25] ()
S3 lmab_device; C:\WINDOWS\system32\LMabcoms.exe [491520 2005-06-14] ()
S4 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2011-07-16] ()
R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2420616 2011-11-09] (Check Point Software Technologies LTD)
==================== Drivers (Whitelisted) ====================
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [3644800 2005-08-19] (Realtek Semiconductor Corp.)
R1 avgio; C:\Program Files\Avira\AntiVir Desktop\avgio.sys [11608 2010-06-17] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [66616 2011-07-04] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [138192 2011-07-04] (Avira GmbH)
R1 BIOS; C:\WINDOWS\System32\drivers\BIOS.sys [13696 2005-03-16] (BIOSTAR Group)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-02-22] (DT Soft Ltd)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [25280 2012-09-30] (LogMeIn, Inc.)
R2 ISWKL; C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [27016 2011-11-03] (Check Point Software Technologies)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2013-09-08] (Malwarebytes Corporation)
S3 nvax; C:\Windows\System32\drivers\nvax.sys [53376 2005-04-13] (NVIDIA Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [33536 2005-04-06] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [12928 2005-04-06] (NVIDIA Corporation)
S3 nvnforce; C:\Windows\System32\drivers\nvapu.sys [414464 2005-04-13] (NVIDIA Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
S3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2012-09-12] (TeamViewer GmbH)
R1 Vsdatant; C:\Windows\System32\vsdatant.sys [525840 2011-11-09] (Check Point Software Technologies LTD)
S3 ATP; system32\DRIVERS\cmdatp.sys [x]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-08 22:56 - 2013-09-08 15:43 - 00045266 _____ C:\Documents and Settings\TonyX\Plocha\logmodification.bat
2013-09-08 22:56 - 2013-09-08 00:28 - 01082239 _____ (Farbar) C:\Documents and Settings\TonyX\Plocha\FRST.exe
2013-09-08 11:27 - 2013-09-08 11:27 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2013-09-08 00:31 - 2013-09-08 00:31 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-08 00:31 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-09-07 15:14 - 2013-09-08 13:17 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\uTorrent
2013-09-07 15:08 - 2013-09-07 15:08 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\DownLite
2013-08-30 18:03 - 2013-09-08 13:00 - 00000000 ____D C:\Program Files\Czech Soccer Manager 2002 FE
2013-08-30 18:03 - 2013-08-30 18:03 - 00000000 ____D C:\Documents and Settings\TonyX\Nabídka Start\Programy\Czech Soccer Manager 2002 FE
2013-08-28 20:18 - 2013-08-28 20:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$
2013-08-21 17:00 - 2013-09-08 13:14 - 00000000 ____D C:\Poker
2013-08-18 17:29 - 2013-08-18 21:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-14 18:35 - 2013-08-14 18:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-14 18:34 - 2013-08-14 18:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-14 18:34 - 2013-08-14 18:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-14 18:33 - 2013-08-14 18:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
2013-08-11 13:18 - 2013-08-11 13:18 - 00000000 ____D C:\Program Files\QupZilla
==================== One Month Modified Files and Folders =======
2013-09-08 22:56 - 2013-09-08 22:56 - 00000000 ____D C:\FRST
2013-09-08 22:56 - 2011-07-01 17:17 - 00000000 ___HD C:\DOCUME~1\TonyX\LOCALS~1\Data aplikací
2013-09-08 22:56 - 2011-07-01 17:17 - 00000000 ____D C:\Documents and Settings\TonyX\Plocha
2013-09-08 22:12 - 2013-08-06 22:35 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\TS3Client
2013-09-08 22:03 - 2013-04-16 19:18 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-09-08 18:57 - 2012-06-19 11:29 - 01066352 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-08 18:54 - 2013-05-25 19:59 - 00000601 ___SH C:\WINDOWS\system32\mmf.sys
2013-09-08 18:54 - 2011-11-12 15:07 - 00415916 _____ C:\WINDOWS\system32\vsconfig.xml
2013-09-08 18:54 - 2011-10-07 14:49 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-09-08 18:54 - 2011-10-07 14:49 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-09-08 18:54 - 2011-07-01 17:13 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-08 17:46 - 2011-07-01 17:17 - 00000178 ___SH C:\Documents and Settings\TonyX\ntuser.ini
2013-09-08 17:46 - 2011-07-01 17:17 - 00000000 ____D C:\Documents and Settings\TonyX
2013-09-08 17:46 - 2011-07-01 17:16 - 00032472 _____ C:\WINDOWS\SchedLgU.Txt
2013-09-08 16:00 - 2011-07-02 19:09 - 00000000 ____D C:\Documents and Settings\TonyX\Plocha\hry
2013-09-08 15:43 - 2013-09-08 22:56 - 00045266 _____ C:\Documents and Settings\TonyX\Plocha\logmodification.bat
2013-09-08 13:17 - 2013-09-07 15:14 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\uTorrent
2013-09-08 13:14 - 2013-08-21 17:00 - 00000000 ____D C:\Poker
2013-09-08 13:12 - 2011-07-01 17:17 - 00000000 ___RD C:\Documents and Settings\TonyX\Nabídka Start
2013-09-08 13:10 - 2013-07-11 00:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834903_WM10L$
2013-09-08 13:00 - 2013-08-30 18:03 - 00000000 ____D C:\Program Files\Czech Soccer Manager 2002 FE
2013-09-08 11:27 - 2013-09-08 11:27 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2013-09-08 00:31 - 2013-09-08 00:31 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-08 00:31 - 2011-07-01 19:05 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-09-08 00:31 - 2011-07-01 19:05 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-09-08 00:28 - 2013-09-08 22:56 - 01082239 _____ (Farbar) C:\Documents and Settings\TonyX\Plocha\FRST.exe
2013-09-08 00:04 - 2012-08-11 23:16 - 00000000 ____D C:\Program Files\trend micro
2013-09-07 18:55 - 2011-07-02 21:14 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\DAEMON Tools Lite
2013-09-07 16:06 - 2013-04-27 23:03 - 00000626 _____ C:\WINDOWS\eReg.dat
2013-09-07 16:03 - 2011-07-01 17:18 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-07 15:14 - 2011-07-01 17:17 - 00000000 __RHD C:\Documents and Settings\TonyX\Data aplikací
2013-09-07 15:08 - 2013-09-07 15:08 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\DownLite
2013-09-06 22:47 - 2001-10-25 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-09-04 15:28 - 2012-07-25 14:09 - 00001246 _____ C:\WINDOWS\system32\LexFiles.usr
2013-09-03 22:31 - 2011-08-27 17:47 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\Microgaming
2013-09-03 22:28 - 2012-12-17 15:56 - 00000000 ____D C:\Program Files\PokerStars
2013-08-30 18:03 - 2013-08-30 18:03 - 00000000 ____D C:\Documents and Settings\TonyX\Nabídka Start\Programy\Czech Soccer Manager 2002 FE
2013-08-30 18:03 - 2011-07-01 17:17 - 00000000 ___RD C:\Documents and Settings\TonyX\Nabídka Start\Programy
2013-08-30 18:02 - 2011-07-01 17:28 - 00000000 ____D C:\Documents and Settings\TonyX\Dokumenty\Stažené soubory
2013-08-28 20:18 - 2013-08-28 20:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$
2013-08-28 15:03 - 2013-02-16 16:54 - 00002563 _____ C:\Documents and Settings\TonyX\Plocha\Microsoft Office Word 2007.lnk
2013-08-21 16:04 - 2012-04-17 22:47 - 00692104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-08-21 16:04 - 2011-07-01 17:28 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-08-20 18:20 - 2011-07-05 15:01 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\Skype
2013-08-19 12:30 - 2012-05-09 14:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-18 21:01 - 2013-08-18 17:29 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-15 19:34 - 2011-07-04 14:00 - 00000000 ____D C:\WINDOWS\Minidump
2013-08-14 19:17 - 2012-04-30 12:40 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-08-14 18:58 - 2011-07-03 19:14 - 00000000 ____D C:\WINDOWS\ie8updates
2013-08-14 18:57 - 2013-07-14 23:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-14 18:50 - 2011-07-02 20:56 - 75778376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-08-14 18:40 - 2011-07-01 19:06 - 01187862 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-14 18:35 - 2013-08-14 18:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-14 18:34 - 2013-08-14 18:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-14 18:34 - 2013-08-14 18:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-14 18:34 - 2011-07-10 19:51 - 00037246 _____ C:\WINDOWS\system32\TZLog.log
2013-08-14 18:33 - 2013-08-14 18:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
2013-08-11 13:18 - 2013-08-11 13:18 - 00000000 ____D C:\Program Files\QupZilla
2013-08-10 00:39 - 2011-07-02 18:19 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\Winamp
Files to move or delete:
====================
C:\DOCUME~1\TonyX\LOCALS~1\Temp\ptu7_tmp.exe
C:\DOCUME~1\TonyX\LOCALS~1\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2002-09-20 18:05] - [2008-04-14 05:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1
C:\Windows\System32\winlogon.exe
[2002-09-20 18:05] - [2008-04-14 05:22] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea
C:\Windows\System32\svchost.exe
[2001-10-25 14:00] - [2008-04-14 05:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93
C:\Windows\System32\services.exe
[2001-10-25 14:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7
C:\Windows\System32\User32.dll
[2002-09-20 18:04] - [2008-04-14 05:22] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53
C:\Windows\System32\userinit.exe
[2002-09-20 18:05] - [2008-04-14 05:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239
C:\Windows\System32\Drivers\volsnap.sys
[2001-10-25 14:00] - [2008-04-14 04:12] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1
==================== End Of Log ============================
FRSTL
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-09-2013
Ran by TonyX (administrator) on COKOLAD on 08-09-2013 22:56:59
Running from C:\Documents and Settings\TonyX\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
(Chicony) C:\WINDOWS\zHotkey.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
() C:\WINDOWS\runservice.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvsvc32.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\TonyX\Dokumenty\Downloads\FRSTLauncher.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
(Microsoft Corporation) C:\WINDOWS\system32\ping.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [CHotkey] - C:\Windows\zHotkey.exe [515584 2003-07-29] (Chicony)
HKLM\...\Run: [ShowWnd] - C:\Windows\ShowWnd.exe [36864 2003-09-19] ()
HKLM\...\Run: [SoundMan] - C:\Windows\SOUNDMAN.EXE [90112 2005-08-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768 2011-04-21] (Avira GmbH)
HKLM\...\Run: [ISW] - C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [738944 2011-11-03] (Check Point Software Technologies)
HKLM\...\Run: [ZoneAlarm] - C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [73360 2011-11-09] (Check Point Software Technologies LTD)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKCU -&Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\System32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU -&Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU -ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\na713kzb.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @checkpoint.com/FFApi - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF Extension: ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Winamp Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Comodo Rdp View Plugin for FireFox) - C:\Program Files\COMODO\Unite\NpRdpView.dll No File
CHR Plugin: (Comodo Vnc View Plugin for FireFox) - C:\Program Files\COMODO\Unite\NpVncView.dll No File
CHR Plugin: (ComodoLVN) - C:\Program Files\COMODO\Unite\npEasyVpnLVN.dll No File
CHR Plugin: (npFFApi) - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\DOCUME~1\TonyX\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\TonyX\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\DOCUME~1\TonyX\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Gmail) - C:\DOCUME~1\TonyX\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\DOCUME~1\TonyX\LOCALS~1\Temp\ccex.crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360 2011-04-21] (Avira GmbH)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480 2011-07-04] (Avira GmbH)
R2 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [497280 2011-11-03] (Check Point Software Technologies)
R2 LicCtrlService; C:\WINDOWS\runservice.exe [2560 2013-05-25] ()
S3 lmab_device; C:\WINDOWS\system32\LMabcoms.exe [491520 2005-06-14] ()
S4 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2011-07-16] ()
R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2420616 2011-11-09] (Check Point Software Technologies LTD)
==================== Drivers (Whitelisted) ====================
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [3644800 2005-08-19] (Realtek Semiconductor Corp.)
R1 avgio; C:\Program Files\Avira\AntiVir Desktop\avgio.sys [11608 2010-06-17] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [66616 2011-07-04] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [138192 2011-07-04] (Avira GmbH)
R1 BIOS; C:\WINDOWS\System32\drivers\BIOS.sys [13696 2005-03-16] (BIOSTAR Group)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-02-22] (DT Soft Ltd)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [25280 2012-09-30] (LogMeIn, Inc.)
R2 ISWKL; C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [27016 2011-11-03] (Check Point Software Technologies)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2013-09-08] (Malwarebytes Corporation)
S3 nvax; C:\Windows\System32\drivers\nvax.sys [53376 2005-04-13] (NVIDIA Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [33536 2005-04-06] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [12928 2005-04-06] (NVIDIA Corporation)
S3 nvnforce; C:\Windows\System32\drivers\nvapu.sys [414464 2005-04-13] (NVIDIA Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
S3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2012-09-12] (TeamViewer GmbH)
R1 Vsdatant; C:\Windows\System32\vsdatant.sys [525840 2011-11-09] (Check Point Software Technologies LTD)
S3 ATP; system32\DRIVERS\cmdatp.sys [x]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-08 22:56 - 2013-09-08 15:43 - 00045266 _____ C:\Documents and Settings\TonyX\Plocha\logmodification.bat
2013-09-08 22:56 - 2013-09-08 00:28 - 01082239 _____ (Farbar) C:\Documents and Settings\TonyX\Plocha\FRST.exe
2013-09-08 11:27 - 2013-09-08 11:27 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2013-09-08 00:31 - 2013-09-08 00:31 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-08 00:31 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-09-07 15:14 - 2013-09-08 13:17 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\uTorrent
2013-09-07 15:08 - 2013-09-07 15:08 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\DownLite
2013-08-30 18:03 - 2013-09-08 13:00 - 00000000 ____D C:\Program Files\Czech Soccer Manager 2002 FE
2013-08-30 18:03 - 2013-08-30 18:03 - 00000000 ____D C:\Documents and Settings\TonyX\Nabídka Start\Programy\Czech Soccer Manager 2002 FE
2013-08-28 20:18 - 2013-08-28 20:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$
2013-08-21 17:00 - 2013-09-08 13:14 - 00000000 ____D C:\Poker
2013-08-18 17:29 - 2013-08-18 21:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-14 18:35 - 2013-08-14 18:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-14 18:34 - 2013-08-14 18:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-14 18:34 - 2013-08-14 18:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-14 18:33 - 2013-08-14 18:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
2013-08-11 13:18 - 2013-08-11 13:18 - 00000000 ____D C:\Program Files\QupZilla
==================== One Month Modified Files and Folders =======
2013-09-08 22:56 - 2013-09-08 22:56 - 00000000 ____D C:\FRST
2013-09-08 22:56 - 2011-07-01 17:17 - 00000000 ___HD C:\DOCUME~1\TonyX\LOCALS~1\Data aplikací
2013-09-08 22:56 - 2011-07-01 17:17 - 00000000 ____D C:\Documents and Settings\TonyX\Plocha
2013-09-08 22:12 - 2013-08-06 22:35 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\TS3Client
2013-09-08 22:03 - 2013-04-16 19:18 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-09-08 18:57 - 2012-06-19 11:29 - 01066352 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-08 18:54 - 2013-05-25 19:59 - 00000601 ___SH C:\WINDOWS\system32\mmf.sys
2013-09-08 18:54 - 2011-11-12 15:07 - 00415916 _____ C:\WINDOWS\system32\vsconfig.xml
2013-09-08 18:54 - 2011-10-07 14:49 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-09-08 18:54 - 2011-10-07 14:49 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-09-08 18:54 - 2011-07-01 17:13 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-08 17:46 - 2011-07-01 17:17 - 00000178 ___SH C:\Documents and Settings\TonyX\ntuser.ini
2013-09-08 17:46 - 2011-07-01 17:17 - 00000000 ____D C:\Documents and Settings\TonyX
2013-09-08 17:46 - 2011-07-01 17:16 - 00032472 _____ C:\WINDOWS\SchedLgU.Txt
2013-09-08 16:00 - 2011-07-02 19:09 - 00000000 ____D C:\Documents and Settings\TonyX\Plocha\hry
2013-09-08 15:43 - 2013-09-08 22:56 - 00045266 _____ C:\Documents and Settings\TonyX\Plocha\logmodification.bat
2013-09-08 13:17 - 2013-09-07 15:14 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\uTorrent
2013-09-08 13:14 - 2013-08-21 17:00 - 00000000 ____D C:\Poker
2013-09-08 13:12 - 2011-07-01 17:17 - 00000000 ___RD C:\Documents and Settings\TonyX\Nabídka Start
2013-09-08 13:10 - 2013-07-11 00:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834903_WM10L$
2013-09-08 13:00 - 2013-08-30 18:03 - 00000000 ____D C:\Program Files\Czech Soccer Manager 2002 FE
2013-09-08 11:27 - 2013-09-08 11:27 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2013-09-08 00:31 - 2013-09-08 00:31 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-08 00:31 - 2011-07-01 19:05 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-09-08 00:31 - 2011-07-01 19:05 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-09-08 00:28 - 2013-09-08 22:56 - 01082239 _____ (Farbar) C:\Documents and Settings\TonyX\Plocha\FRST.exe
2013-09-08 00:04 - 2012-08-11 23:16 - 00000000 ____D C:\Program Files\trend micro
2013-09-07 18:55 - 2011-07-02 21:14 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\DAEMON Tools Lite
2013-09-07 16:06 - 2013-04-27 23:03 - 00000626 _____ C:\WINDOWS\eReg.dat
2013-09-07 16:03 - 2011-07-01 17:18 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-07 15:14 - 2011-07-01 17:17 - 00000000 __RHD C:\Documents and Settings\TonyX\Data aplikací
2013-09-07 15:08 - 2013-09-07 15:08 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\DownLite
2013-09-06 22:47 - 2001-10-25 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-09-04 15:28 - 2012-07-25 14:09 - 00001246 _____ C:\WINDOWS\system32\LexFiles.usr
2013-09-03 22:31 - 2011-08-27 17:47 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\Microgaming
2013-09-03 22:28 - 2012-12-17 15:56 - 00000000 ____D C:\Program Files\PokerStars
2013-08-30 18:03 - 2013-08-30 18:03 - 00000000 ____D C:\Documents and Settings\TonyX\Nabídka Start\Programy\Czech Soccer Manager 2002 FE
2013-08-30 18:03 - 2011-07-01 17:17 - 00000000 ___RD C:\Documents and Settings\TonyX\Nabídka Start\Programy
2013-08-30 18:02 - 2011-07-01 17:28 - 00000000 ____D C:\Documents and Settings\TonyX\Dokumenty\Stažené soubory
2013-08-28 20:18 - 2013-08-28 20:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$
2013-08-28 15:03 - 2013-02-16 16:54 - 00002563 _____ C:\Documents and Settings\TonyX\Plocha\Microsoft Office Word 2007.lnk
2013-08-21 16:04 - 2012-04-17 22:47 - 00692104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-08-21 16:04 - 2011-07-01 17:28 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-08-20 18:20 - 2011-07-05 15:01 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\Skype
2013-08-19 12:30 - 2012-05-09 14:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-18 21:01 - 2013-08-18 17:29 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-15 19:34 - 2011-07-04 14:00 - 00000000 ____D C:\WINDOWS\Minidump
2013-08-14 19:17 - 2012-04-30 12:40 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-08-14 18:58 - 2011-07-03 19:14 - 00000000 ____D C:\WINDOWS\ie8updates
2013-08-14 18:57 - 2013-07-14 23:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-14 18:50 - 2011-07-02 20:56 - 75778376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-08-14 18:40 - 2011-07-01 19:06 - 01187862 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-14 18:35 - 2013-08-14 18:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-14 18:34 - 2013-08-14 18:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-14 18:34 - 2013-08-14 18:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-14 18:34 - 2011-07-10 19:51 - 00037246 _____ C:\WINDOWS\system32\TZLog.log
2013-08-14 18:33 - 2013-08-14 18:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
2013-08-11 13:18 - 2013-08-11 13:18 - 00000000 ____D C:\Program Files\QupZilla
2013-08-10 00:39 - 2011-07-02 18:19 - 00000000 ____D C:\Documents and Settings\TonyX\Data aplikací\Winamp
Files to move or delete:
====================
C:\DOCUME~1\TonyX\LOCALS~1\Temp\ptu7_tmp.exe
C:\DOCUME~1\TonyX\LOCALS~1\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2002-09-20 18:05] - [2008-04-14 05:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1
C:\Windows\System32\winlogon.exe
[2002-09-20 18:05] - [2008-04-14 05:22] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea
C:\Windows\System32\svchost.exe
[2001-10-25 14:00] - [2008-04-14 05:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93
C:\Windows\System32\services.exe
[2001-10-25 14:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7
C:\Windows\System32\User32.dll
[2002-09-20 18:04] - [2008-04-14 05:22] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53
C:\Windows\System32\userinit.exe
[2002-09-20 18:05] - [2008-04-14 05:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239
C:\Windows\System32\Drivers\volsnap.sys
[2001-10-25 14:00] - [2008-04-14 04:12] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1
==================== End Of Log ============================
Attachments: Addition.rar (6.72 KiB), downloaded 71 times
Re: clean up

- Open Notepad (Start - Run - notepad)
- Copy the script below

Start
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
SearchScopes: HKLM - DefaultScope value is missing.
CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\DOCUME~1\TonyX\LOCALS~1\Temp\ccex.crx
2013-09-08 15:43 - 2013-09-08 22:56 - 00045266 _____ C:\Documents and Settings\TonyX\Plocha\logmodification.bat
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
Hosts:
CMD: shutdown /r /f /t 2
End

- Save the created TXT file as fixlist.txt
- Move the created fixlist next to FRST

- Click Fix
- The fix will run and create the log Fixlog.txt

Re: clean up
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-09-2013
Ran by TonyX at 2013-09-08 23:26:14 Run:1
Running from C:\Documents and Settings\TonyX\Plocha\Nová složka
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
SearchScopes: HKLM - DefaultScope value is missing.
CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\DOCUME~1\TonyX\LOCALS~1\Temp\ccex.crx
2013-09-08 15:43 - 2013-09-08 22:56 - 00045266 _____ C:\Documents and Settings\TonyX\Plocha\logmodification.bat
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj => Key deleted successfully.
"C:\DOCUME~1\TonyX\LOCALS~1\Temp\ccex.crx" => File/Directory not found.
C:\Documents and Settings\TonyX\Plocha\logmodification.bat => Moved successfully.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
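To read a Fixlog like the one above at a glance, the following Python example (added here, not part of the thread and not FRST's own code) splits each result line into target and outcome and lists the entries that did not report success. It assumes result lines always have the `target => outcome` shape seen in this log; the function names are illustrative.

```python
import re

# Excerpt of the Fixlog posted above (the echoed fixlist is shortened).
FIXLOG = r'''Content of fixlist:
*****************
Start
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj => Key deleted successfully.
"C:\DOCUME~1\TonyX\LOCALS~1\Temp\ccex.crx" => File/Directory not found.
C:\Documents and Settings\TonyX\Plocha\logmodification.bat => Moved successfully.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
==== End of Fixlog ====
'''

# Assumption: every per-item result has the shape "<target> => <outcome>."
RESULT = re.compile(r'^(?P<target>.+?) => (?P<outcome>.+?)\.?$')

def classify(outcome):
    """Map the outcome text of a result line to ok / missing / review."""
    low = outcome.lower()
    if "not found" in low:
        return "missing"
    return "ok" if "successfully" in low else "review"

def parse_fixlog(text):
    """Return (target, outcome, status) for each result line."""
    rows, in_fixlist = [], False
    for line in map(str.strip, text.splitlines()):
        if line and set(line) == {"*"}:
            in_fixlist = not in_fixlist  # asterisk rows bracket the echoed fixlist
            continue
        m = None if in_fixlist else RESULT.match(line)
        if m:
            outcome = m.group("outcome")
            rows.append((m.group("target").strip('"'), outcome, classify(outcome)))
    return rows

def needs_follow_up(text):
    """Targets whose fix did not report success."""
    return [t for t, _, status in parse_fixlog(text) if status != "ok"]
```

On this log the only entry returned by `needs_follow_up` is the ccex.crx file, which FRST reported as not found.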
Re: clean up
So let's tidy up as well.

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Download and run it
- To confirm a choice, press A, then Enter
- Delete the utility after use
- Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)

OTC http://oldtimer.geekstogo.com/OTC.exe
- Download and run it
- Click CleanUp and confirm with YES
- The program cleans up and restarts the PC

TFC http://oldtimer.geekstogo.com/TFC.exe
- Download and run it
- Click Start and confirm with OK
- The program cleans up and restarts the PC
- Delete the utility after use

Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel (Čistič)
- Leave everything as it is, just click Analyze (Analyzovat) and then Run Cleaner (Spustit CCleaner)
- click Scan for Issues (Hledej problémy)
- then Fix Issues (Opravit problémy) - I recommend making the registry backup; fix all the issues
- repeat the procedure until no problems are found - usually about 3 times
- Here you can uninstall programs you don't need

And if there are no problems or questions, that is all from my side.


Re: clean up
great work, thank you
you can lock it
take care

