preventika

[vojta.kuca.kucera]

dobrý den

prosím o preventivku

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by dharma (administrator) on DHARMA-A14GPJLV on 09-11-2013 20:23:46
Running from C:\Documents and Settings\dharma\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastUi.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Documents and Settings\dharma\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-09] (AVAST Software)
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
Startup: C:\Documents and Settings\Administrator.DHARMA-A14GPJLV\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Documents and Settings\Administrator.DHARMA-A14GPJLV.000\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Documents and Settings\Administrator.DHARMA-A14GPJLV.001\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Documents and Settings\Administrator.DHARMA-A14GPJLV.002\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Documents and Settings\UpdatusUser\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)
BootExecute:

==================== Internet (Whitelisted) ====================

ProxyServer: 210.169.168.85:80
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKCU - DefaultScope search13 URL = http://search13.net/search.php?q={searchTerms}
SearchScopes: HKCU - search13 URL = http://search13.net/search.php?q={searchTerms}
BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB} http://download.microsoft.com/download/ ... msorun.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default
FF DefaultSearchEngine: Google Česká republika
FF SelectedSearchEngine: Google Česká republika
FF Homepage: about:home
FF NetworkProxy: "backup.ftp_port", ""
FF NetworkProxy: "backup.socks_port", ""
FF NetworkProxy: "backup.ssl_port", ""
FF NetworkProxy: "http", "210.169.168.85"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin: @videolan.org/vlc,version=2.1.0 - D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @acestream.net/acestreamplugin,version=2.1.7.1 - C:\Documents and Settings\dharma\Data aplikací\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\dharma\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\searchplugins\google-esk-republika.xml
FF SearchPlugin: C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\searchplugins\google-ssl.xml
FF SearchPlugin: C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\searchplugins\startpage-https.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: České slovníky pro kontrolu pravopisu - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\Extensions\cs@dictionaries.addons.mozilla(2).org
FF Extension: DownloadHelper - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: DownloadHelper - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
FF Extension: Download Statusbar - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}(2)
FF Extension: client - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\Extensions\client@anonymox.net.xpi
FF Extension: Adblock Plus - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky(2).ru
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\䍻䙁䕅䅆ⵃ〰㜱〭〰ⴰ〰㔰䄭䍂䕄䙆䑅䉃絁
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [magicplayer@torrentstream.org] - C:\Documents and Settings\dharma\Data aplikací\ACEStream\extensions\firefox\magicplayer@torrentstream.org
FF Extension: TS Magic Player - C:\Documents and Settings\dharma\Data aplikací\ACEStream\extensions\firefox\magicplayer@torrentstream.org

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (Winamp Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\DOCUME~1\dharma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\DOCUME~1\dharma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\DOCUME~1\dharma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\dharma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\DOCUME~1\dharma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.11_0
CHR Extension: (avast! Online Security) - C:\DOCUME~1\dharma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0
CHR Extension: (Google Wallet) - C:\DOCUME~1\dharma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\DOCUME~1\dharma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0
CHR Extension: (Gmail) - C:\DOCUME~1\dharma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [aaaaoggiphohkihibdkcnhnokmkfmhnj] - C:\Documents and Settings\dharma\Local Settings\Data aplikací\APN\GoogleCRXs\aaaaoggiphohkihibdkcnhnokmkfmhnj_7.14.1.0.crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

========================== Services (Whitelisted) =================

S4 Adobe Version Cue CS2; C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-05-25] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-09] (AVAST Software)
S4 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
S4 InCDsrvR; C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe [1440552 2008-02-28] (Nero AG)
S4 lxdd_device; C:\WINDOWS\system32\lxddcoms.exe [537520 2007-05-25] ( )
S4 NeroRegInCDSrv; C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [53032 2008-02-28] (Nero AG)
S4 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2214504 2011-05-25] (NVIDIA Corporation)
S2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2012-05-20] ()

==================== Drivers (Whitelisted) ====================

S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
R2 aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [35656 2013-11-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2013-11-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2013-11-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-11-09] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [774392 2013-11-09] (AVAST Software)
S1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [403440 2013-11-09] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2013-11-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178304 2013-11-09] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278728 2009-08-10] ()
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan)
R1 Eve; C:\Windows\System32\DRIVERS\eve.sys [33624 2013-03-28] ()
R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 gameenum; C:\Windows\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [25280 2010-12-31] (LogMeIn, Inc.)
S3 hidgame; C:\Windows\System32\DRIVERS\hidgame.sys [8576 2003-04-16] (Microsoft Corporation)
R1 incdrm; C:\Windows\System32\drivers\InCDRm.sys [40360 2008-02-28] (Nero AG)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [145280 2012-03-02] (ITE )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2009-08-10] ()
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 msloop; C:\Windows\System32\DRIVERS\loop.sys [4992 2003-04-16] (Microsoft Corporation)
S3 ms_mpu401; C:\Windows\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2010-07-16] (CACE Technologies, Inc.)
S2 nvcap; C:\Windows\System32\DRIVERS\nvcap.sys [116924 2002-11-18] (NVIDIA Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [66688 2009-07-01] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\DRIVERS\nvgts.sys [164896 2009-06-30] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [13824 2009-07-01] (NVIDIA Corporation)
S2 NVXBAR; C:\Windows\System32\DRIVERS\NVxbar.sys [10814 2002-11-18] (NVIDIA Corporation)
S1 P3; C:\Windows\System32\DRIVERS\p3.sys [46592 2008-04-14] (Microsoft Corporation)
R1 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2003-12-05] (Padus, Inc.)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [113608 2013-04-15] (Power Software Ltd)
S3 SE1008mdm; C:\Windows\System32\DRIVERS\SE1008mdm.sys [58536 2009-02-12] (Sony Ericsson)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-07-30] (Duplex Secure Ltd.)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc)
R2 thdudf; C:\Windows\System32\DRIVERS\thdudf.sys [66944 2006-11-11] (TOSHIBA Corporation)
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [225856 2008-06-20] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()
S3 vdrive; system32\DRIVERS\vdrive.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-09 20:23 - 2013-11-09 20:23 - 00000000 ____D C:\FRST
2013-11-09 20:22 - 2013-11-09 20:22 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\dharma\Plocha\FRSTLauncher.exe
2013-11-09 20:21 - 2013-11-09 20:22 - 01089445 _____ (Farbar) C:\Documents and Settings\dharma\Plocha\FRST.exe
2013-11-09 20:13 - 2013-11-09 20:13 - 00000000 ____D C:\Documents and Settings\dharma\Data aplikací\AVAST Software
2013-11-09 20:12 - 2013-11-09 20:18 - 00403440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2013-11-09 20:12 - 2013-11-09 20:18 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-11-09 20:12 - 2013-11-09 20:12 - 00774392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-11-09 20:12 - 2013-11-09 20:12 - 00403440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.1384024688
2013-11-09 20:12 - 2013-11-09 20:12 - 00178304 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-11-09 20:12 - 2013-11-09 20:12 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-11-09 20:12 - 2013-11-09 20:12 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-11-09 20:12 - 2013-11-09 20:12 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2013-11-09 20:12 - 2013-11-09 20:12 - 00049944 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-11-09 20:12 - 2013-11-09 20:12 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-11-09 20:12 - 2013-11-09 20:12 - 00035656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys
2013-11-09 20:12 - 2013-11-09 20:12 - 00001733 _____ C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2013-11-09 20:12 - 2013-11-09 20:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
2013-11-08 19:13 - 2013-11-08 19:13 - 00000060 _____ C:\WINDOWS\setupact.log
2013-11-08 19:13 - 2013-11-08 19:13 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-11-08 18:12 - 2013-11-08 18:46 - 00000303 _____ C:\Documents and Settings\dharma\Plocha\free.txt
2013-11-08 07:34 - 2013-11-08 07:34 - 00000000 ____D C:\Documents and Settings\All Users\Dokumenty\CrashDump
2013-11-08 00:50 - 2013-09-26 10:00 - 152807109 _____ C:\Documents and Settings\dharma\Plocha\vytvarny-krouzekmp4.mp4
2013-11-07 19:02 - 2013-11-07 19:02 - 00606608 _____ C:\Documents and Settings\dharma\Plocha\59364520_4b39fc kopie.bmp
2013-11-05 22:52 - 2013-11-06 10:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-04 07:00 - 2013-11-04 07:00 - 00000020 _____ C:\Documents and Settings\dharma\Plocha\Iveta Kořínková List.txt
2013-10-31 16:41 - 2013-10-31 17:17 - 00000000 ____D C:\Documents and Settings\dharma\Dokumenty\Banner Maker Pro 8
2013-10-31 16:41 - 2013-10-31 16:41 - 00000767 _____ C:\Documents and Settings\dharma\Plocha\Banner Maker Pro 8.lnk
2013-10-31 16:41 - 2013-10-31 16:41 - 00000000 ____D C:\Program Files\Banner Maker Pro 8
2013-10-31 16:41 - 2013-10-31 16:41 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Banner Maker Pro 8
2013-10-29 17:41 - 2013-10-29 17:41 - 00086892 _____ C:\Documents and Settings\dharma\Plocha\Bez názvu-3.swf
2013-10-29 17:41 - 2013-10-29 17:41 - 00000594 _____ C:\Documents and Settings\dharma\Plocha\Bez názvu-3.html
2013-10-29 17:38 - 2013-10-29 17:38 - 00000594 _____ C:\Documents and Settings\dharma\Plocha\Bez názvu-2.html
2013-10-29 17:31 - 2013-10-29 17:38 - 00086778 _____ C:\Documents and Settings\dharma\Plocha\Bez názvu-2.swf
2013-10-24 10:04 - 2013-10-24 10:04 - 00000615 _____ C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
2013-10-24 10:04 - 2013-10-24 10:04 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\VideoLAN
2013-10-20 21:50 - 2013-10-20 21:50 - 00000557 _____ C:\Documents and Settings\All Users\Plocha\Opera.lnk
2013-10-20 21:50 - 2013-10-20 21:50 - 00000557 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
2013-10-20 21:50 - 2013-10-20 21:50 - 00000000 ____D C:\Documents and Settings\dharma\Local Settings\Data aplikací\Opera Software
2013-10-20 21:50 - 2013-10-20 21:50 - 00000000 ____D C:\Documents and Settings\dharma\Data aplikací\Opera Software
2013-10-19 08:31 - 2013-10-19 08:31 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-19 08:31 - 2013-10-19 08:31 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-17 21:33 - 2013-10-17 21:33 - 00008455 _____ C:\Documents and Settings\dharma\basket.txt
2013-10-11 14:31 - 2013-10-11 14:31 - 00000000 ____D C:\Documents and Settings\dharma\Data aplikací

==================== One Month Modified Files and Folders =======

2013-11-09 20:23 - 2013-11-09 20:23 - 00000000 ____D C:\FRST
2013-11-09 20:23 - 2009-02-15 19:19 - 00000000 ___HD C:\Documents and Settings\dharma\Local Settings\Data aplikací
2013-11-09 20:23 - 2009-02-15 19:19 - 00000000 ____D C:\Documents and Settings\dharma\Plocha
2013-11-09 20:22 - 2013-11-09 20:22 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\dharma\Plocha\FRSTLauncher.exe
2013-11-09 20:22 - 2013-11-09 20:21 - 01089445 _____ (Farbar) C:\Documents and Settings\dharma\Plocha\FRST.exe
2013-11-09 20:22 - 2009-09-02 08:37 - 00000000 ____D C:\Documents and Settings\dharma\Dokumenty\Stažené soubory
2013-11-09 20:18 - 2013-11-09 20:12 - 00403440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2013-11-09 20:18 - 2013-11-09 20:12 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-11-09 20:13 - 2013-11-09 20:13 - 00000000 ____D C:\Documents and Settings\dharma\Data aplikací\AVAST Software
2013-11-09 20:13 - 2009-02-15 19:19 - 00000000 ___RD C:\Documents and Settings\dharma\Data aplikací
2013-11-09 20:12 - 2013-11-09 20:12 - 00774392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-11-09 20:12 - 2013-11-09 20:12 - 00403440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.1384024688
2013-11-09 20:12 - 2013-11-09 20:12 - 00178304 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-11-09 20:12 - 2013-11-09 20:12 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-11-09 20:12 - 2013-11-09 20:12 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-11-09 20:12 - 2013-11-09 20:12 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2013-11-09 20:12 - 2013-11-09 20:12 - 00049944 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-11-09 20:12 - 2013-11-09 20:12 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-11-09 20:12 - 2013-11-09 20:12 - 00035656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys
2013-11-09 20:12 - 2013-11-09 20:12 - 00001733 _____ C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2013-11-09 20:12 - 2013-11-09 20:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
2013-11-09 20:12 - 2013-08-08 20:30 - 00269216 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-11-09 20:12 - 2009-02-15 19:47 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-11-09 20:12 - 2009-02-15 19:47 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-11-09 20:10 - 2011-06-17 21:30 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-11-09 19:56 - 2013-08-26 20:46 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-09 19:24 - 2010-01-09 19:17 - 00145920 _____ C:\Documents and Settings\dharma\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-09 17:56 - 2013-08-26 20:46 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-09 14:31 - 2012-02-13 12:17 - 00000000 ____D C:\Documents and Settings\dharma\Data aplikací\uTorrent
2013-11-09 13:56 - 2009-02-15 19:14 - 00032604 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-09 13:44 - 2012-04-30 12:25 - 00000000 ____D C:\Documents and Settings\dharma\Data aplikací\YouTube Downloader
2013-11-09 12:38 - 2003-04-16 13:00 - 00012598 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-09 12:37 - 2011-03-23 17:09 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-09 12:37 - 2011-03-23 17:09 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-11-09 12:37 - 2010-08-07 22:08 - 01401444 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-09 12:36 - 2009-02-15 19:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-09 01:17 - 2009-02-15 19:19 - 00000272 ___SH C:\Documents and Settings\dharma\ntuser.ini
2013-11-08 23:13 - 2013-10-06 15:59 - 00000000 ____D C:\Documents and Settings\dharma\Data aplikací\.ACEStream
2013-11-08 21:17 - 2012-04-15 23:12 - 00000000 ____D C:\Documents and Settings\dharma\Data aplikací\Media Player Classic
2013-11-08 19:13 - 2013-11-08 19:13 - 00000060 _____ C:\WINDOWS\setupact.log
2013-11-08 19:13 - 2013-11-08 19:13 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-11-08 18:46 - 2013-11-08 18:12 - 00000303 _____ C:\Documents and Settings\dharma\Plocha\free.txt
2013-11-08 07:34 - 2013-11-08 07:34 - 00000000 ____D C:\Documents and Settings\All Users\Dokumenty\CrashDump
2013-11-08 07:34 - 2009-02-15 19:47 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty
2013-11-07 19:08 - 2013-09-12 00:28 - 00000000 ____D C:\Documents and Settings\dharma\Plocha\Russian Sleep Experiment
2013-11-07 19:04 - 2011-02-09 21:13 - 00912384 ___SH C:\Documents and Settings\dharma\Plocha\Thumbs.db
2013-11-07 19:02 - 2013-11-07 19:02 - 00606608 _____ C:\Documents and Settings\dharma\Plocha\59364520_4b39fc kopie.bmp
2013-11-07 19:00 - 2011-03-25 08:41 - 00213813 _____ C:\lxdd.log
2013-11-07 15:21 - 2009-02-15 19:19 - 00000000 ___RD C:\Documents and Settings\dharma\Dokumenty
2013-11-07 11:20 - 2012-04-25 23:20 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-06 14:58 - 2009-02-15 19:19 - 00000000 ____D C:\Documents and Settings\dharma
2013-11-06 10:41 - 2013-11-05 22:52 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-05 21:21 - 2013-06-26 08:56 - 00000000 ____D C:\Documents and Settings\dharma\Data aplikací\vlc
2013-11-05 17:31 - 2010-12-30 11:37 - 00000682 _____ C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2013-11-05 17:30 - 2009-08-05 23:17 - 00000000 ____D C:\Program Files\CCleaner
2013-11-04 07:00 - 2013-11-04 07:00 - 00000020 _____ C:\Documents and Settings\dharma\Plocha\Iveta Kořínková List.txt
2013-11-02 20:48 - 2010-01-19 15:22 - 00000000 ____D C:\Program Files\Adobe
2013-10-31 17:17 - 2013-10-31 16:41 - 00000000 ____D C:\Documents and Settings\dharma\Dokumenty\Banner Maker Pro 8
2013-10-31 16:41 - 2013-10-31 16:41 - 00000767 _____ C:\Documents and Settings\dharma\Plocha\Banner Maker Pro 8.lnk
2013-10-31 16:41 - 2013-10-31 16:41 - 00000000 ____D C:\Program Files\Banner Maker Pro 8
2013-10-31 16:41 - 2013-10-31 16:41 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Banner Maker Pro 8
2013-10-31 15:35 - 2013-09-26 14:34 - 00598904 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2013-10-31 15:35 - 2009-02-15 19:14 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2013-10-30 14:28 - 2011-04-11 16:21 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-10-30 14:28 - 2009-02-16 06:47 - 00000000 ____D C:\Documents and Settings\dharma\Data aplikací\Winamp
2013-10-29 17:41 - 2013-10-29 17:41 - 00086892 _____ C:\Documents and Settings\dharma\Plocha\Bez názvu-3.swf
2013-10-29 17:41 - 2013-10-29 17:41 - 00000594 _____ C:\Documents and Settings\dharma\Plocha\Bez názvu-3.html
2013-10-29 17:38 - 2013-10-29 17:38 - 00000594 _____ C:\Documents and Settings\dharma\Plocha\Bez názvu-2.html
2013-10-29 17:38 - 2013-10-29 17:31 - 00086778 _____ C:\Documents and Settings\dharma\Plocha\Bez názvu-2.swf
2013-10-27 05:23 - 2009-02-15 19:48 - 01054546 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-26 08:58 - 2013-06-21 13:16 - 00000081 _____ C:\out.txt
2013-10-24 10:04 - 2013-10-24 10:04 - 00000615 _____ C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
2013-10-24 10:04 - 2013-10-24 10:04 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\VideoLAN
2013-10-21 21:31 - 2009-03-26 15:38 - 00004118 _____ C:\WINDOWS\wincmd.ini
2013-10-20 21:50 - 2013-10-20 21:50 - 00000557 _____ C:\Documents and Settings\All Users\Plocha\Opera.lnk
2013-10-20 21:50 - 2013-10-20 21:50 - 00000557 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
2013-10-20 21:50 - 2013-10-20 21:50 - 00000000 ____D C:\Documents and Settings\dharma\Local Settings\Data aplikací\Opera Software
2013-10-20 21:50 - 2013-10-20 21:50 - 00000000 ____D C:\Documents and Settings\dharma\Data aplikací\Opera Software
2013-10-20 16:26 - 2009-02-17 16:33 - 00000078 _____ C:\WINDOWS\WatsonsBlockGame.ini
2013-10-20 15:53 - 2010-10-23 11:17 - 00013030 _____ C:\PDOXUSRS.NET
2013-10-19 11:09 - 2013-09-18 23:42 - 00000000 ____D C:\Documents and Settings\dharma\Plocha\prosoccer
2013-10-19 08:31 - 2013-10-19 08:31 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-19 08:31 - 2013-10-19 08:31 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-19 08:31 - 2010-01-09 19:16 - 00000000 ____D C:\Documents and Settings\dharma\Local Settings\Data aplikací\Adobe
2013-10-17 21:33 - 2013-10-17 21:33 - 00008455 _____ C:\Documents and Settings\dharma\basket.txt
2013-10-17 20:35 - 2013-08-26 20:47 - 00001813 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2013-10-11 14:31 - 2013-10-11 14:31 - 00000000 ____D C:\Documents and Settings\dharma\Data aplikací

Files to move or delete:
====================
C:\Documents and Settings\dharma\992GCAHG.bat
C:\Documents and Settings\dharma\setup.exe
C:\Documents and Settings\dharma\SETUP32.DLL


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2003-04-16 13:00] - [2008-04-14 08:52] - 1034240 ____N (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2003-04-16 13:00] - [2008-04-14 08:52] - 0507904 ____N (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2003-04-16 13:00] - [2008-04-14 08:52] - 0014336 ____N (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2003-04-16 13:00] - [2009-02-09 12:25] - 0111104 ____N (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2003-04-16 13:00] - [2008-04-14 08:52] - 0578560 ____N (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2003-04-16 13:00] - [2008-04-14 08:52] - 0026112 ____N (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2003-04-16 13:00] - [2008-04-14 07:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1





===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:37.27 GB) (Free:4.73 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:465.75 GB) (Free:0.54 GB) NTFS
Drive e: (Moje soubory) (CDROM) (Total:1.26 GB) (Free:0 GB) UDF
Drive f: (Místní disk) (Fixed) (Total:74.53 GB) (Free:0.81 GB) NTFS

Available physical RAM: 1030.66 MB
Total physical RAM: 1791.23 MB
Percentage of memory in use: 42%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 37 GB) (Disk ID: 1CE71CE6)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: 82842864)
Partition 1: (Not Active) - (Size=75 GB) - (Type=42)
Disk: 2 (Size: 466 GB) (Disk ID: F81BF81B)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\dharma\Plocha" je 546 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr
wscript "C:\Documents and Settings\dharma\Data aplikac\Adobe\Flash Player\SpeedCache\afile.vbs" "C:\Documents and Settings\dharma\Data aplikac\Adobe\Flash Player\SpeedCache\aso.bat" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsoSpeedUp
"C:\Program Files\BlazeVideo\BlazeHDTV 6.0\MediaDetector.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool
C:\WINDOWS\system32\ctfmon.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe
C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer
"C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
"C:\Program Files\DVDFab Virtual Drive\vdrive.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDFab VDrive
"C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer
"C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP
"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1
C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files\Samsung\Kies\Kies.exe /preload [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
"C:\Program Files\Lexmark 2500 Series\lxddamon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxddamon
"C:\Program Files\Lexmark 2500 Series\lxddmon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXDDCATS
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxddmon.exe
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe
C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
C:\Program Files\PowerISO\PWRISOVM.EXE -startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^EPSON Status Monitor 3 Environment Check 2.lnk
C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Logitech SetPoint.lnk
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^dharma^Nabdka Start^Programy^Po sputn^MagicDisc.lnk
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^dharma^Nabdka Start^Programy^Po sputn^Vesmr na dlani.lnk
C:\PROGRA~1\NONOBL~1\vesmir.exe


HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
ose REG_DWORD 0x3
Nero BackItUp Scheduler 4.0 REG_DWORD 0x2
Lavasoft Ad-Aware Service REG_DWORD 0x2
Adobe LM Service REG_DWORD 0x3
NeroRegInCDSrv REG_DWORD 0x2
InCDsrvR REG_DWORD 0x2
Adobe Version Cue CS2 REG_DWORD 0x2
gusvc REG_DWORD 0x2
gupdate1c98fa28e326f70 REG_DWORD 0x2
NVSvc REG_DWORD 0x2
Adobe Version Cue CS4 REG_DWORD 0x3
EPSONStatusAgent2 REG_DWORD 0x2
JavaQuickStarterService REG_DWORD 0x2
ForcewareWebInterface REG_DWORD 0x2
idsvc REG_DWORD 0x3
IDriverT REG_DWORD 0x3
lxdd_device REG_DWORD 0x2
nvUpdatusService REG_DWORD 0x2
CyberLink PowerDVD 11.0 Service REG_DWORD 0x2
CyberLink PowerDVD 11.0 Monitor Service REG_DWORD 0x2
CryptSvc REG_DWORD 0x2
CLHNServiceForPowerDVD REG_DWORD 0x2
gupdatem REG_DWORD 0x3
gupdate REG_DWORD 0x2

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\CyberLink\\PowerDVD 9\\PowerDVD9.exe"="C:\\Program Files\\CyberLink\\PowerDVD 9\\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0"
"C:\\Program Files\\Lexmark 2500 Series\\app4r.exe"="C:\\Program Files\\Lexmark 2500 Series\\App4R.exe:*:Enabled:BorgListener"
"C:\\Documents and Settings\\dharma\\Dokumenty\\Staen soubory\\detect_routers\\detect_routers.exe"="C:\\Documents and Settings\\dharma\\Dokumenty\\Staen soubory\\detect_routers\\detect_routers.exe:*:Enabled:Detect Multiple Routers"
"C:\\Program Files\\Simple Port Tester\\spt.exe"="C:\\Program Files\\Simple Port Tester\\spt.exe:*:Enabled:Simple Port Tester"
"C:\\Program Files\\Simple Port Forwarding\\spf.exe"="C:\\Program Files\\Simple Port Forwarding\\spf.exe:*:Enabled:Simple Port Forwarding By PcWinTech.com"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Lexmark 2500 Series\\lxddamon.exe"="C:\\Program Files\\Lexmark 2500 Series\\lxddamon.exe:*:Enabled:Device Monitor Appliaction"
"C:\\Program Files\\Lexmark 2500 Series\\App4R.exe"="C:\\Program Files\\Lexmark 2500 Series\\App4R.exe:*:Enabled: "
"C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"="C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe:*:Enabled:Google Earth"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Disabled:Winamp"
"C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"="C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe:*:Enabled:Google Earth"
"F:\\Program Files\\Battlefield 2\\BF2.exe"="F:\\Program Files\\Battlefield 2\\BF2.exe:*:Enabled:BF2"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddpswx.exe"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddpswx.exe:*:Enabled: "
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddtime.exe"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddtime.exe:*:Enabled: "
"C:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"="C:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"="C:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:Torrent"
"C:\\Program Files\\zIRC\\zirc.exe"="C:\\Program Files\\zIRC\\zirc.exe:*:Enabled:z Internet Relay Chat Client"
"C:\\Program Files\\mIRC\\mirc.exe"="C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC"
"D:\\Program Files\\GTa san\\GTA San Andreas\\samp.exe"="D:\\Program Files\\GTa san\\GTA San Andreas\\samp.exe:*:Enabled:San Andreas Multiplayer"
"D:\\Program Files\\Counter-Strike 1.6\\hl.exe"="D:\\Program Files\\Counter-Strike 1.6\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\WINDOWS\\system32\\muzapp.exe"="C:\\WINDOWS\\system32\\muzapp.exe:*:Enabled:MUZ AOD APP player"
"D:\\Program Files\\World_of_Tanks\\WOTLauncher.exe"="D:\\Program Files\\World_of_Tanks\\WOTLauncher.exe:*:Enabled:World of Tanks Launcher"
"D:\\Program Files\\World_of_Tanks\\WorldOfTanks.exe"="D:\\Program Files\\World_of_Tanks\\WorldOfTanks.exe:*:Enabled:World of Tanks"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe:*:Enabled:umi"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\\Program Files\\Vuze\\Azureus.exe"="C:\\Program Files\\Vuze\\Azureus.exe:*:Enabled:Azureus / Vuze"
"C:\\Documents and Settings\\dharma\\Dokumenty\\Staen soubory\\detect_routers\\detect_routers.exe"="C:\\Documents and Settings\\dharma\\Dokumenty\\Staen soubory\\detect_routers\\detect_routers.exe:*:Enabled:Detect Multiple Routers"
"C:\\Program Files\\Simple Port Tester\\spt.exe"="C:\\Program Files\\Simple Port Tester\\spt.exe:*:Enabled:Simple Port Tester"
"C:\\Program Files\\Simple Port Forwarding\\spf.exe"="C:\\Program Files\\Simple Port Forwarding\\spf.exe:*:Enabled:Simple Port Forwarding By PcWinTech.com"
"C:\\Documents and Settings\\dharma\\Data aplikac\\BitTorrent\\BitTorrent.exe"="C:\\Documents and Settings\\dharma\\Data aplikac\\BitTorrent\\BitTorrent.exe:*:Enabled:BitTorrent"
"C:\\WINDOWS\\explorer.exe"="C:\\WINDOWS\\explorer.exe:*:Disabled:Przkumnk Windows"
"C:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"="C:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe:*:Enabled:Instaltor AVG"
"C:\\Program Files\\MotoGP2\\motogp2.exe"="C:\\Program Files\\MotoGP2\\motogp2.exe:*:Enabled:motogp2"
"C:\\Program Files\\VSO\\VSO Downloader\\3\\VsoDownloader.exe"="C:\\Program Files\\VSO\\VSO Downloader\\3\\VsoDownloader.exe:*:Enabled:VSO Downloader"
"C:\\Program Files\\Aimersoft\\Video Converter Ultimate\\URLReqService.exe"="C:\\Program Files\\Aimersoft\\Video Converter Ultimate\\URLReqService.exe:*:Enabled:URLReqService"
"D:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="D:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player 2.0.8"
"C:\\Documents and Settings\\dharma\\Data aplikac\\ACEStream\\engine\\ace_engine.exe"="C:\\Documents and Settings\\dharma\\Data aplikac\\ACEStream\\engine\\ace_engine.exe:*:Enabled:AceStream"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
"54321:TCP"="54321:TCP:*:Enabled:uTorrent"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

[vyosek]

Zdravim

Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Spustte tradicne dvouklikem
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v miste spusteni jako sc-cleaner.txt, ten sem vlozte

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[vojta.kuca.kucera]

provedeno

Shortcut Cleaner 1.2.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Microsoft Windows XP Service Pack 3
Program started at: 11/09/2013 08:53:39 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Documents and Settings\dharma\Nabídka Start\

Searching C:\Documents and Settings\All Users\Nabídka Start\

Searching C:\Documents and Settings\dharma\Data aplikací\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Documents and Settings\All Users\Plocha\

Searching C:\Documents and Settings\dharma\Plocha


0 bad shortcuts found.

Program finished at: 11/09/2013 08:53:45 PM
Execution time: 0 hours(s), 0 minute(s), and 6 seconds(s)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by dharma on so 09.11.2013 at 20:57:17,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\myfree codec"
Successfully deleted: [Folder] "C:\Program Files\ytd"



~~~ FireFox

Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\avg_igeared.xml"
Successfully deleted the following from C:\Documents and Settings\dharma\Data aplikací\mozilla\firefox\profiles\u4anjg9u.default\prefs.js

user_pref("extensions.mmsearch.mmsearch-freesearchengines", "f1f_vGooglef_vhxxp://www.google.com/search?q={searchTerms}&i ... D}:{moz:lo
user_pref("extensions.mmsearch.mmsearch-sestats", "f1s_v281s_ef4s_v8s_ef3s_v95s_ef2s_v8s_ef5s_v2s_ef6s_v2s_ef7s_v2s_ef8s_v2");
Emptied folder: C:\Documents and Settings\dharma\Data aplikací\mozilla\firefox\profiles\u4anjg9u.default\minidumps [7 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 09.11.2013 at 21:04:24,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




# AdwCleaner v3.011 - Report created 09/11/2013 at 21:12:14
# Updated 03/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : dharma - DHARMA-A14GPJLV
# Running from : C:\Documents and Settings\dharma\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
Folder Deleted : C:\Documents and Settings\All Users\Nabídka Start\Programy\myfree codec
Folder Deleted : C:\Program Files\Vuze
Folder Deleted : C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\ICQToolbarData

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Vuze\Azureus.exe]
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v25.0 (cs)

[ File : C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\prefs.js ]


[ File : C:\Documents and Settings\Administrator.DHARMA-A14GPJLV.002\Data aplikací\Mozilla\Firefox\Profiles\8s2wzzod.default\prefs.js ]


-\\ Google Chrome v30.0.1599.101

[ File : C:\Documents and Settings\dharma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2628 octets] - [09/11/2013 21:10:08]
AdwCleaner[S0].txt - [2593 octets] - [09/11/2013 21:12:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2653 octets] ##########

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
  Startup: C:\Documents and Settings\Administrator.DHARMA-A14GPJLV\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk
  Startup: C:\Documents and Settings\Administrator.DHARMA-A14GPJLV.000\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk
  Startup: C:\Documents and Settings\Administrator.DHARMA-A14GPJLV.001\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk
  Startup: C:\Documents and Settings\Administrator.DHARMA-A14GPJLV.002\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk
  Startup: C:\Documents and Settings\UpdatusUser\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk
  
  ProxyServer: 210.169.168.85:80
  HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  SearchScopes: HKCU - DefaultScope search13 URL = http://search13.net/search.php?q={searchTerms}
  SearchScopes: HKCU - search13 URL = http://search13.net/search.php?q={searchTerms}
  
  FF Homepage: about:home
  FF NetworkProxy: "backup.ftp_port", ""
  FF NetworkProxy: "backup.socks_port", ""
  FF NetworkProxy: "backup.ssl_port", ""
  FF NetworkProxy: "http", "210.169.168.85"
  FF NetworkProxy: "http_port", 80
  FF NetworkProxy: "no_proxies_on", ""
  FF NetworkProxy: "type", 0
  FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\䍻䙁䕅䅆ⵃ〰㜱〭〰ⴰ〰㔰䄭䍂䕄䙆䑅䉃絁
  FF HKCU\...\Firefox\Extensions: [magicplayer@torrentstream.org] - C:\Documents and Settings\dharma\Data aplikací\ACEStream\extensions\firefox\magicplayer@torrentstream.org
  
  C:\Documents and Settings\dharma\992GCAHG.bat
  C:\Documents and Settings\dharma\setup.exe
  C:\Documents and Settings\dharma\SETUP32.DLL
  
  Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsoSpeedUp" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDFab VDrive" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^dharma^Nabdka Start^Programy^Po sputn^MagicDisc.lnk" /f
  
  Hosts:
  
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[vojta.kuca.kucera]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 31-10-2013
Ran by dharma at 2013-11-09 22:25:09 Run:1
Running from C:\Documents and Settings\dharma\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
Startup: C:\Documents and Settings\Administrator.DHARMA-A14GPJLV\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk
Startup: C:\Documents and Settings\Administrator.DHARMA-A14GPJLV.000\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk
Startup: C:\Documents and Settings\Administrator.DHARMA-A14GPJLV.001\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk
Startup: C:\Documents and Settings\Administrator.DHARMA-A14GPJLV.002\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk
Startup: C:\Documents and Settings\UpdatusUser\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk

ProxyServer: 210.169.168.85:80
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKCU - DefaultScope search13 URL = http://search13.net/search.php?q={searchTerms}
SearchScopes: HKCU - search13 URL = http://search13.net/search.php?q={searchTerms}

FF Homepage: about:home
FF NetworkProxy: "backup.ftp_port", ""
FF NetworkProxy: "backup.socks_port", ""
FF NetworkProxy: "backup.ssl_port", ""
FF NetworkProxy: "http", "210.169.168.85"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "type", 0
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\???????????????????
FF HKCU\...\Firefox\Extensions: [magicplayer@torrentstream.org] - C:\Documents and Settings\dharma\Data aplikací\ACEStream\extensions\firefox\magicplayer@torrentstream.org

C:\Documents and Settings\dharma\992GCAHG.bat
C:\Documents and Settings\dharma\setup.exe
C:\Documents and Settings\dharma\SETUP32.DLL

Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsoSpeedUp" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDFab VDrive" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^dharma^Nabdka Start^Programy^Po sputn^MagicDisc.lnk" /f

Hosts:

End
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
C:\Documents and Settings\Administrator.DHARMA-A14GPJLV\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk => Moved successfully.
C:\Documents and Settings\Administrator.DHARMA-A14GPJLV.000\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk => Moved successfully.
C:\Documents and Settings\Administrator.DHARMA-A14GPJLV.001\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk => Moved successfully.
C:\Documents and Settings\Administrator.DHARMA-A14GPJLV.002\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk => Moved successfully.
C:\Documents and Settings\UpdatusUser\Nabídka Start\Programy\Po spuštění\Uninstall LastPass RunOnce.lnk => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\search13 => Key deleted successfully.
HKCR\Wow6432Node\CLSID\search13 => Key not found.
Firefox homepage deleted successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.

"C:\Program Files\Mozilla Firefox\extensions\???????????????????" directory move:

Could not move "C:\Program Files\Mozilla Firefox\extensions\???????????????????" directory. => Scheduled to move on reboot.

HKCU\Software\Mozilla\Firefox\Extensions\\magicplayer@torrentstream.org => Value deleted successfully.
C:\Documents and Settings\dharma\992GCAHG.bat => Moved successfully.
C:\Documents and Settings\dharma\setup.exe => Moved successfully.
C:\Documents and Settings\dharma\SETUP32.DLL => Moved successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsoSpeedUp" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDFab VDrive" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^dharma^Nabdka Start^Programy^Po sputn^MagicDisc.lnk" /f =========


Chyba: Systém nenalezl zadaný klíč registru nebo požadovanou hodnotu.


========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

=========== Result of Scheduled Files to move ===========

"C:\Program Files\Mozilla Firefox\extensions\???????????????????" => Directory could not move.

==== End of Fixlog ====

[vyosek]

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse