Zdvojené háčky a čárky

[sisina55]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-11-2013 01
Ran by Lenka (administrator) on LENKA-5E9112B8F on 26-11-2013 08:09:17
Running from C:\Documents and Settings\Lenka\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Autodata Limited) C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
(CrypKey (Canada) Ltd.) C:\WINDOWS\system32\Crypserv.exe
(SEIKO EPSON Corp.) C:\WINDOWS\system32\ESDUSBMon.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
(SEIKO EPSON Corp.) C:\WINDOWS\system32\EpStsSrv.exe
(SEIKO EPSON CORPORATION) C:\Documents and Settings\All Users\Data aplikací\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Documents and Settings\Lenka\Plocha\Nepoužívané odkazy plochy\cs-CZ\cesuz.exe
() C:\Program Files\Seznam.cz\bin\postak.exe
(TODO: <Company name>) C:\WINDOWS\system32\SAiDownloader.exe
(SA International) C:\WINDOWS\system32\SAiLicSvr.exe
(SafeNet, Inc) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
() C:\WINDOWS\system32\PAStiSvc.exe
(Acresso) C:\Program Files\Vivid WorkshopData ATI\WorkshopDBServer.exe
(Sun Microsystems, Inc.) C:\Program Files\Vivid WorkshopData ATI\jre\bin\java.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(forum.viry.cz) C:\Documents and Settings\Lenka\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BluetoothAuthenticationAgent] - rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [cesuz] - C:\Documents and Settings\Lenka\Plocha\Nepoužívané odkazy plochy\cs-CZ\cesuz.exe [274432 2007-09-27] ()
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [Seznam Postak] - C:\Program Files\Seznam.cz\bin\postak.exe [491040 2012-01-10] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - ${searchCLSID} URL = http://search.yahoo.com/search?ei=ISO-8 ... earchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {2cee687b-22b1-4c9c-bc8d-d64aac0f661f} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... isticka_12
SearchScopes: HKCU - {8f6c73ed-53b8-42bb-a214-f6131958f56e} URL = http://www.firmy.cz/phr/{searchTerms}?s ... isticka_12
SearchScopes: HKCU - {90db1797-5d66-49be-a3d2-cd77a1e70b87} URL = http://www.mapy.cz/?query={searchTerms} ... isticka_12
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
Toolbar: HKCU - No Name - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No File
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
DPF: {7B19E477-0FF8-11d4-9914-005004D3B3DB} http://java.sun.com/products/plugin/1.2 ... 11-win.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0013-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.3.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8465408 2008-04-14] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-09-05] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Lenka\Data aplikací\Mozilla\Firefox\Profiles\8csubig4.default-1366784520796
FF Homepage: http://www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32.dll No File
FF SearchPlugin: C:\Documents and Settings\Lenka\Data aplikací\Mozilla\Firefox\Profiles\8csubig4.default-1366784520796\searchplugins\google-peklada.xml
FF SearchPlugin: C:\Documents and Settings\Lenka\Data aplikací\Mozilla\Firefox\Profiles\8csubig4.default-1366784520796\searchplugins\ividi.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Visualisateur 3D de 20-20 - C:\Documents and Settings\Lenka\Data aplikací\Mozilla\Firefox\Profiles\8csubig4.default-1366784520796\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: SearchNewTab - C:\Documents and Settings\Lenka\Data aplikací\Mozilla\Firefox\Profiles\8csubig4.default-1366784520796\Extensions\jynrcbggms@oohzie.net
FF Extension: sAvvensharE - C:\Documents and Settings\Lenka\Data aplikací\Mozilla\Firefox\Profiles\8csubig4.default-1366784520796\Extensions\tymm@rvfmao.co.uk
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\Extensions.rdf
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\installed-extensions-processed.txt
FF HKLM\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKCU\...\Firefox\Extensions: [eliteproxyswitcher@my-proxy.com] -

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-09-05] (SUPERAntiSpyware.com)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2008-09-23] ()
R2 Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2006-09-12] (Autodata Limited)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 Crypkey License; C:\Windows\System32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.)
R2 Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [942080 2006-06-07] (Diskeeper Corporation)
R2 EPSON ESCPOS Status Service; C:\Windows\System32\EpStsSrv.exe [77824 2006-05-17] (SEIKO EPSON Corp.)
R2 EPSON_PM_RPCV4_01; C:\Documents and Settings\All Users\Data aplikací\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 MySQL; C:\Program Files\AWIS\AWKasa\bin\mysqld-nt.exe [2203648 2009-01-10] ()
S4 ProtexisLicensing; C:\Program Files\Common Files\Protexis\License Service\PSIService.exe [174656 2006-11-02] ()
R2 SAiDownloader; C:\WINDOWS\system32\SAiDownloader.exe [438272 2007-09-11] (TODO: <Company name>)
R2 SAiLicSvr; C:\WINDOWS\system32\SAiLicSvr.exe [86016 2007-12-19] (SA International)
S4 SentinelKeysServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [328992 2008-07-11] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [226592 2008-07-11] (SafeNet, Inc)
R2 StarWindService; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [217600 2005-04-02] (Rocket Division Software)
R2 STI Simulator; C:\windows\System32\PAStiSvc.exe [53248 2005-01-14] ()
R2 WorkshopDBService; C:\Program Files\Vivid WorkshopData ATI\WorkshopDBServer.exe [114688 2013-02-21] (Acresso)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

S3 adusbmdm6501; C:\Windows\System32\DRIVERS\adusbmdm65.sys [64896 2005-05-02] (AnyDATA Corporation)
S3 adusbser6501; C:\Windows\System32\DRIVERS\adusbser65.sys [64896 2005-05-02] (AnyDATA Corporation)
R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21361 2010-01-03] (Cisco Systems, Inc.)
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [36352 2005-03-09] (Advanced Micro Devices)
S2 AMON; C:\Windows\system32\drivers\amon.sys [512096 2008-08-13] (Eset )
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [100328 2011-02-24] (ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [308200 2011-02-24] (ASMedia Technology Inc)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-06-27] ()
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 dtscsi; C:\Windows\System32\Drivers\dtscsi.sys [223128 2006-09-12] (DT Soft Ltd.)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2006-12-15] (SlySoft, Inc.)
R2 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [15440 2006-12-15] (Elaborate Bytes AG)
R3 ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [11984 2006-12-14] (Elaborate Bytes AG)
S2 EpsPort; C:\Windows\System32\Drivers\EpsPort.sys [7648 1999-10-29] (SEIKO EPSON CORPORATION)
R2 Esdpdx01; C:\windows\system32\Drivers\ESDPDX01.SYS [95485 2006-05-11] (MK Systems CO., LTD.)
S3 EverestDriver; C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [7168 2005-08-17] ()
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [28449 2005-12-19] (FTDI Ltd.)
R2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.)
R2 Haspnt; C:\windows\system32\drivers\Haspnt.sys [47616 2008-01-17] (Aladdin Knowledge Systems)
S3 HS4R; C:\Windows\System32\Drivers\hs4r.sys [11776 2005-09-16] (TiePie)
S3 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [47064 2013-11-25] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA))
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [21638 2008-08-22] ()
R1 nod32drv; C:\Windows\system32\drivers\nod32drv.sys [15424 2008-08-13] ()
R2 NSHE; C:\windows\system32\Drivers\NSHE.SYS [97792 2008-11-23] (T0r0 2008)
R0 nvata; C:\Windows\System32\DRIVERS\nvata.sys [100736 2006-04-24] (NVIDIA Corporation)
S3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [34176 2006-02-17] (NVIDIA Corporation)
S3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [13056 2006-02-17] (NVIDIA Corporation)
R0x01000000 papycpu2; C:\Windows\System32\DRIVERS\papycpu2.sys [1984 2003-01-17] ()
R0x01000000 papyjoy; C:\Windows\System32\DRIVERS\papyjoy.sys [1856 2003-01-17] ()
S3 PSSDK42; C:\windows\system32\Drivers\pssdk42.sys [38976 2009-10-23] (microOLAP Technologies LTD)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-09-05] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-09-05] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SNTNLUSB; C:\Windows\System32\DRIVERS\SNTNLUSB.SYS [37088 2008-07-11] (SafeNet, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [643072 2006-09-12] ()
S3 USBHS4L; C:\Windows\System32\Drivers\hs4l.sys [16384 2005-09-16] (TiePie engineering)
R0 Vax347b; C:\Windows\System32\DRIVERS\Vax347b.sys [159616 2005-04-25] ( )
R0 Vax347s; C:\Windows\System32\Drivers\Vax347s.sys [5248 2004-04-30] ( )
S3 vaxscsi; C:\Windows\System32\Drivers\vaxscsi.sys [223128 2006-10-21] (Alcohol Soft Co., Ltd.)
S3 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [10144 2004-05-13] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [21440 2004-05-13] (Logitech Inc.)
S3 WmHidLo; C:\Windows\System32\drivers\WmHidLo.sys [14720 2004-05-13] (Logitech Inc.)
S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [5600 2004-05-13] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [44384 2004-05-13] (Logitech Inc.)
S3 BtAudio; system32\DRIVERS\btaudio.sys [x]
S3 BTDriver; system32\DRIVERS\btport.sys [x]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [x]
S3 BTWUSB; System32\Drivers\btwusb.sys [x]
S3 catchme; \??\C:\DOCUME~1\Lenka\LOCALS~1\Temp\catchme.sys [x]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [x]
S4 IntelIde; No ImagePath
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [x]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [x]
S3 NTACCESS; \??\D:\NTACCESS.sys [x]
S3 PAC207; system32\DRIVERS\pfc027.sys [x]
S2 Par1284; \??\C:\Program Files\SAi\SAi Production Suite\Program\Par1284.sys [x]
S3 rkhdrv40; No ImagePath
S3 rt2870; system32\DRIVERS\rt2870.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SetupNTGLM7X; \??\D:\NTGLM7X.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-26 08:09 - 2013-11-26 08:09 - 00018463 _____ C:\Documents and Settings\Lenka\Plocha\FRST.txt
2013-11-26 08:08 - 2013-11-26 08:08 - 00000000 ____D C:\FRST
2013-11-26 08:05 - 2013-11-26 08:05 - 01091605 _____ (Farbar) C:\Documents and Settings\Lenka\Plocha\FRST.exe
2013-11-26 08:05 - 2013-11-26 08:05 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Lenka\Plocha\FRSTLauncher.exe
2013-11-25 20:32 - 2013-11-25 20:32 - 00015705 _____ C:\ComboFix.txt
2013-11-25 20:22 - 2011-06-26 07:45 - 00256000 _____ C:\windows\PEV.exe
2013-11-25 20:22 - 2010-11-07 18:20 - 00208896 _____ C:\windows\MBR.exe
2013-11-25 20:22 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2013-11-25 20:22 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2013-11-25 20:22 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2013-11-25 20:22 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\windows\SWXCACLS.exe
2013-11-25 20:22 - 2000-08-31 01:00 - 00098816 _____ C:\windows\sed.exe
2013-11-25 20:22 - 2000-08-31 01:00 - 00080412 _____ C:\windows\grep.exe
2013-11-25 20:22 - 2000-08-31 01:00 - 00068096 _____ C:\windows\zip.exe
2013-11-25 20:21 - 2013-11-25 20:31 - 00000000 ____D C:\windows\erdnt
2013-11-25 20:17 - 2013-11-25 20:19 - 00004276 _____ C:\Documents and Settings\Lenka\Plocha\Rkill.txt
2013-11-25 20:17 - 2013-11-25 20:17 - 05149261 ____R (Swearware) C:\Documents and Settings\Lenka\Plocha\ComboFix.exe
2013-11-25 20:16 - 2013-11-25 20:16 - 01898232 _____ (Bleeping Computer, LLC) C:\Documents and Settings\Lenka\Plocha\rkill.com
2013-11-25 19:58 - 2013-11-25 19:58 - 00001380 _____ C:\Documents and Settings\Lenka\Plocha\AdwCleaner[S1].txt
2013-11-25 19:47 - 2013-11-25 19:51 - 00000000 ____D C:\AdwCleaner
2013-11-25 19:47 - 2013-11-25 19:47 - 01091882 _____ C:\Documents and Settings\Lenka\Plocha\adwcleaner.exe
2013-11-25 19:45 - 2013-11-25 19:45 - 00002395 _____ C:\Documents and Settings\Lenka\Plocha\JRT.txt
2013-11-25 19:35 - 2013-11-25 19:35 - 01034531 _____ (Thisisu) C:\Documents and Settings\Lenka\Plocha\JRT.exe
2013-11-25 19:35 - 2013-11-25 19:35 - 00000000 ____D C:\windows\ERUNT
2013-11-25 14:27 - 2013-11-25 14:27 - 00055720 _____ C:\Documents and Settings\Lenka\Plocha\cer.eps
2013-11-25 14:11 - 2013-11-25 14:11 - 00026491 _____ C:\Documents and Settings\Lenka\Plocha\z2.eps
2013-11-25 13:46 - 2013-11-25 13:46 - 00066976 _____ C:\Documents and Settings\Lenka\Plocha\z1.eps
2013-11-25 13:26 - 2013-11-25 13:26 - 00029835 _____ C:\Documents and Settings\Lenka\Plocha\zlata.eps
2013-11-25 13:05 - 2013-11-25 13:05 - 00067472 _____ C:\Documents and Settings\Lenka\Plocha\cerna.eps
2013-11-25 12:51 - 2013-11-25 12:51 - 00054234 _____ C:\Documents and Settings\Lenka\Plocha\zelena.eps
2013-11-25 10:44 - 2013-11-26 07:24 - 00000744 _____ C:\windows\error.log
2013-11-25 10:44 - 2013-11-26 07:24 - 00000294 _____ C:\windows\EpsStmMon3.log
2013-11-25 10:43 - 2013-11-26 07:23 - 00000234 _____ C:\windows\errord.log
2013-11-25 08:51 - 2013-11-25 08:51 - 00000784 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2013-11-25 08:38 - 2013-11-25 11:30 - 00000000 ____D C:\Documents and Settings\Lenka\Plocha\mbar
2013-11-25 08:38 - 2013-11-25 08:38 - 00047064 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2013-11-25 08:37 - 2013-11-25 08:37 - 12576792 _____ (Malwarebytes Corp.) C:\Documents and Settings\Lenka\Plocha\mbar-1.07.0.1007.exe
2013-11-25 08:37 - 2013-11-25 08:37 - 10285040 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Lenka\Plocha\mbam-setup-1.75.0.1300.exe
2013-11-25 08:24 - 2013-11-25 08:24 - 00000000 ____D C:\rsit
2013-11-25 08:23 - 2013-11-25 08:23 - 00781383 _____ C:\Documents and Settings\Lenka\Plocha\RSIT.exe
2013-11-23 11:31 - 2013-11-25 08:15 - 00000000 ____D C:\Documents and Settings\Lenka\Plocha\hp-xp
2013-11-22 15:24 - 2013-11-25 11:31 - 00000000 ____D C:\Documents and Settings\Lenka\Data aplikací\PhrozenSoft
2013-11-22 15:00 - 2013-11-25 08:21 - 00000000 ___HD C:\windows\system32\svcl32
2013-11-22 14:57 - 2013-11-22 14:57 - 00000784 ___SH C:\windows\system\actualspystart.lnk
2013-11-22 14:49 - 2013-11-22 15:01 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\UCA
2013-11-22 14:05 - 2013-11-22 14:14 - 00000000 ____D C:\Program Files\HomeKeylogger
2013-11-22 13:59 - 2013-11-23 09:07 - 00000000 ____D C:\Program Files\WideStep Software
2013-11-21 14:24 - 2013-11-21 14:24 - 00040591 _____ C:\Documents and Settings\Lenka\Plocha\a.eps
2013-11-21 13:20 - 2013-11-21 13:20 - 00026613 _____ C:\Documents and Settings\Lenka\Plocha\3.eps
2013-11-21 12:00 - 2013-11-21 12:00 - 00035674 _____ C:\Documents and Settings\Lenka\Plocha\Grafika2.eps
2013-11-20 14:09 - 2013-11-20 14:09 - 00036048 _____ C:\Documents and Settings\Lenka\Plocha\Grafika12.eps
2013-11-20 08:50 - 2013-11-20 08:50 - 00066330 _____ C:\Documents and Settings\Lenka\Plocha\Grafika11.eps
2013-11-20 08:31 - 2013-11-25 14:14 - 00026493 _____ C:\Documents and Settings\Lenka\Plocha\Grafika1.eps
2013-11-20 07:46 - 2013-11-20 07:46 - 00139164 _____ C:\Documents and Settings\Lenka\Plocha\modra oranz.eps
2013-11-19 18:31 - 2013-11-20 14:29 - 00102945 _____ C:\Documents and Settings\Lenka\Plocha\stribr.eps
2013-11-19 18:31 - 2013-11-19 18:31 - 00162091 _____ C:\Documents and Settings\Lenka\Plocha\bi.eps
2013-11-19 16:19 - 2013-11-19 16:19 - 00045609 _____ C:\Documents and Settings\Lenka\Plocha\logo.eps
2013-11-19 16:13 - 2013-11-19 16:13 - 00089762 _____ C:\Documents and Settings\Lenka\Plocha\inmoti1.eps
2013-11-19 15:50 - 2013-11-19 15:50 - 00156436 _____ C:\Documents and Settings\Lenka\Plocha\inmoti.eps
2013-11-19 15:22 - 2013-11-19 15:22 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache
2013-11-19 15:22 - 2013-11-19 15:22 - 00000000 ___RD C:\Documents and Settings\Administrator\Oblíbené položky
2013-11-19 13:40 - 2013-11-23 13:42 - 00000000 ____D C:\ks
2013-11-19 12:44 - 2013-11-19 12:44 - 00057828 _____ C:\Documents and Settings\Lenka\Plocha\Grafika3.eps
2013-11-19 08:45 - 2013-11-19 08:45 - 00283137 _____ C:\Documents and Settings\Lenka\.recently-used.xbel
2013-11-19 08:45 - 2013-11-19 08:45 - 00012967 _____ C:\Documents and Settings\Lenka\Plocha\ZÁDA vesmír.eps
2013-11-19 08:07 - 2013-11-19 08:07 - 00031676 _____ C:\Documents and Settings\Lenka\Plocha\What´s your language.eps
2013-11-16 09:56 - 2013-11-16 10:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-15 12:25 - 2013-11-15 12:25 - 00051422 _____ C:\Documents and Settings\Lenka\Plocha\obr. 1.eps
2013-11-15 12:25 - 2013-11-15 12:25 - 00008538 _____ C:\Documents and Settings\Lenka\Plocha\obr.3.eps
2013-11-15 12:24 - 2013-11-15 12:24 - 00040257 _____ C:\Documents and Settings\Lenka\Plocha\obr.2.eps
2013-11-15 08:54 - 2013-11-15 08:54 - 00119721 _____ C:\windows\FontData.fdb
2013-11-14 15:58 - 2013-11-14 15:58 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy\Příslušenství
2013-11-14 15:58 - 2013-11-14 15:58 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
2013-11-14 15:58 - 2013-11-14 15:58 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start
2013-11-14 15:58 - 2013-11-14 15:58 - 00000000 ___HD C:\Documents and Settings\Administrator\Okolní tiskárny
2013-11-14 15:58 - 2013-11-14 15:58 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha
2013-11-14 15:58 - 2013-11-14 15:58 - 00000000 ____D C:\Documents and Settings\Administrator\Nabídka Start\Programy
2013-11-13 21:15 - 2013-11-25 20:32 - 00000000 ____D C:\Qoobox
2013-11-13 21:15 - 2013-11-13 21:15 - 00000000 ___RD C:\Documents and Settings\Lenka\Dokumenty\Filmy
2013-11-13 11:40 - 2013-11-19 15:22 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2013-11-13 11:40 - 2013-11-19 15:22 - 00000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2013-11-13 11:40 - 2013-11-19 15:22 - 00000000 ____D C:\Documents and Settings\Administrator
2013-11-13 11:40 - 2013-11-14 15:58 - 00000000 __RHD C:\Documents and Settings\Administrator\Data aplikací
2013-11-13 11:40 - 2013-11-14 15:58 - 00000000 ____D C:\Documents and Settings\Administrator\Šablony
2013-11-13 11:40 - 2006-09-09 20:45 - 00001599 _____ C:\Documents and Settings\Administrator\Nabídka Start\Programy\Vzdálená pomoc.lnk
2013-11-13 11:40 - 2006-09-09 20:45 - 00000792 _____ C:\Documents and Settings\Administrator\Nabídka Start\Programy\Windows Media Player.lnk
2013-11-08 15:20 - 2013-11-08 15:20 - 00000018 _____ C:\Documents and Settings\Lenka\Dokumenty\teamwiewer.txt
2013-11-08 11:13 - 2013-11-08 11:13 - 00000000 ____D C:\Program Files\Aplikace MB1
2013-11-07 12:50 - 2013-11-07 12:51 - 11841601 _____ C:\Documents and Settings\Lenka\Plocha\Canon_iC_MF5730_300_64.zip
2013-11-07 12:45 - 2013-11-07 12:45 - 11988096 _____ C:\Documents and Settings\Lenka\Plocha\MF5770_MFDrivers_W64_us_EN.exe
2013-11-06 14:58 - 2013-11-08 10:55 - 00000000 ____D C:\Program Files\Aplikace MB

==================== One Month Modified Files and Folders =======

2013-11-26 08:09 - 2013-11-26 08:09 - 00018463 _____ C:\Documents and Settings\Lenka\Plocha\FRST.txt
2013-11-26 08:09 - 2006-09-09 20:53 - 00000000 ____D C:\Documents and Settings\Lenka\Plocha
2013-11-26 08:08 - 2013-11-26 08:08 - 00000000 ____D C:\FRST
2013-11-26 08:08 - 2006-09-09 20:53 - 00000000 ___HD C:\Documents and Settings\Lenka\Local Settings\Data aplikací
2013-11-26 08:05 - 2013-11-26 08:05 - 01091605 _____ (Farbar) C:\Documents and Settings\Lenka\Plocha\FRST.exe
2013-11-26 08:05 - 2013-11-26 08:05 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Lenka\Plocha\FRSTLauncher.exe
2013-11-26 07:43 - 2012-05-24 12:45 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-11-26 07:32 - 2011-09-06 18:21 - 00391710 _____ C:\windows\WindowsUpdate.log
2013-11-26 07:27 - 2013-06-08 08:29 - 00000364 ____H C:\windows\Tasks\avast! Emergency Update.job
2013-11-26 07:27 - 2010-02-12 17:15 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\organiser
2013-11-26 07:25 - 2006-12-18 15:11 - 00000159 _____ C:\windows\wiadebug.log
2013-11-26 07:25 - 2006-12-18 15:11 - 00000050 _____ C:\windows\wiaservc.log
2013-11-26 07:24 - 2013-11-25 10:44 - 00000744 _____ C:\windows\error.log
2013-11-26 07:24 - 2013-11-25 10:44 - 00000294 _____ C:\windows\EpsStmMon3.log
2013-11-26 07:24 - 2006-09-09 20:52 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-11-26 07:24 - 2006-09-09 20:49 - 00000000 __SHD C:\Documents and Settings\NetworkService
2013-11-26 07:23 - 2013-11-25 10:43 - 00000234 _____ C:\windows\errord.log
2013-11-25 21:33 - 2006-09-09 20:53 - 00000272 ___SH C:\Documents and Settings\Lenka\ntuser.ini
2013-11-25 21:33 - 2006-09-09 20:52 - 00032478 _____ C:\windows\SchedLgU.Txt
2013-11-25 20:32 - 2013-11-25 20:32 - 00015705 _____ C:\ComboFix.txt
2013-11-25 20:32 - 2013-11-13 21:15 - 00000000 ____D C:\Qoobox
2013-11-25 20:31 - 2013-11-25 20:21 - 00000000 ____D C:\windows\erdnt
2013-11-25 20:30 - 2001-10-25 15:00 - 00000277 _____ C:\windows\system.ini
2013-11-25 20:23 - 2006-09-09 20:53 - 00000000 __RHD C:\Documents and Settings\Lenka\Data aplikací
2013-11-25 20:19 - 2013-11-25 20:17 - 00004276 _____ C:\Documents and Settings\Lenka\Plocha\Rkill.txt
2013-11-25 20:17 - 2013-11-25 20:17 - 05149261 ____R (Swearware) C:\Documents and Settings\Lenka\Plocha\ComboFix.exe
2013-11-25 20:16 - 2013-11-25 20:16 - 01898232 _____ (Bleeping Computer, LLC) C:\Documents and Settings\Lenka\Plocha\rkill.com
2013-11-25 19:58 - 2013-11-25 19:58 - 00001380 _____ C:\Documents and Settings\Lenka\Plocha\AdwCleaner[S1].txt
2013-11-25 19:51 - 2013-11-25 19:47 - 00000000 ____D C:\AdwCleaner
2013-11-25 19:47 - 2013-11-25 19:47 - 01091882 _____ C:\Documents and Settings\Lenka\Plocha\adwcleaner.exe
2013-11-25 19:45 - 2013-11-25 19:45 - 00002395 _____ C:\Documents and Settings\Lenka\Plocha\JRT.txt
2013-11-25 19:35 - 2013-11-25 19:35 - 01034531 _____ (Thisisu) C:\Documents and Settings\Lenka\Plocha\JRT.exe
2013-11-25 19:35 - 2013-11-25 19:35 - 00000000 ____D C:\windows\ERUNT
2013-11-25 18:39 - 2006-09-10 04:17 - 00000000 ____D C:\windows\Cursors
2013-11-25 14:27 - 2013-11-25 14:27 - 00055720 _____ C:\Documents and Settings\Lenka\Plocha\cer.eps
2013-11-25 14:14 - 2013-11-20 08:31 - 00026493 _____ C:\Documents and Settings\Lenka\Plocha\Grafika1.eps
2013-11-25 14:11 - 2013-11-25 14:11 - 00026491 _____ C:\Documents and Settings\Lenka\Plocha\z2.eps
2013-11-25 13:46 - 2013-11-25 13:46 - 00066976 _____ C:\Documents and Settings\Lenka\Plocha\z1.eps
2013-11-25 13:26 - 2013-11-25 13:26 - 00029835 _____ C:\Documents and Settings\Lenka\Plocha\zlata.eps
2013-11-25 13:05 - 2013-11-25 13:05 - 00067472 _____ C:\Documents and Settings\Lenka\Plocha\cerna.eps
2013-11-25 12:51 - 2013-11-25 12:51 - 00054234 _____ C:\Documents and Settings\Lenka\Plocha\zelena.eps
2013-11-25 12:09 - 2008-08-24 20:22 - 00000000 _____ C:\windows\MEMORY.DMP
2013-11-25 12:09 - 2006-09-10 04:23 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-11-25 11:31 - 2013-11-22 15:24 - 00000000 ____D C:\Documents and Settings\Lenka\Data aplikací\PhrozenSoft
2013-11-25 11:31 - 2009-08-05 07:17 - 00000000 ____D C:\windows\Crystal
2013-11-25 11:30 - 2013-11-25 08:38 - 00000000 ____D C:\Documents and Settings\Lenka\Plocha\mbar
2013-11-25 10:52 - 2006-09-10 04:17 - 00000000 ____D C:\windows\system
2013-11-25 08:51 - 2013-11-25 08:51 - 00000784 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2013-11-25 08:51 - 2009-06-06 11:27 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-25 08:51 - 2009-06-06 11:27 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2013-11-25 08:51 - 2006-09-10 04:25 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-11-25 08:38 - 2013-11-25 08:38 - 00047064 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2013-11-25 08:37 - 2013-11-25 08:37 - 12576792 _____ (Malwarebytes Corp.) C:\Documents and Settings\Lenka\Plocha\mbar-1.07.0.1007.exe
2013-11-25 08:37 - 2013-11-25 08:37 - 10285040 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Lenka\Plocha\mbam-setup-1.75.0.1300.exe
2013-11-25 08:24 - 2013-11-25 08:24 - 00000000 ____D C:\rsit
2013-11-25 08:24 - 2009-06-05 15:02 - 00000000 ____D C:\Program Files\trend micro
2013-11-25 08:23 - 2013-11-25 08:23 - 00781383 _____ C:\Documents and Settings\Lenka\Plocha\RSIT.exe
2013-11-25 08:21 - 2013-11-22 15:00 - 00000000 ___HD C:\windows\system32\svcl32
2013-11-25 08:16 - 2006-09-09 20:53 - 00000000 ____D C:\Documents and Settings\Lenka
2013-11-25 08:15 - 2013-11-23 11:31 - 00000000 ____D C:\Documents and Settings\Lenka\Plocha\hp-xp
2013-11-25 07:18 - 2001-10-25 15:00 - 00002206 _____ C:\windows\system32\wpa.dbl
2013-11-23 13:42 - 2013-11-19 13:40 - 00000000 ____D C:\ks
2013-11-23 09:07 - 2013-11-22 13:59 - 00000000 ____D C:\Program Files\WideStep Software
2013-11-22 15:40 - 2006-09-09 20:53 - 00000000 ____D C:\Documents and Settings\Lenka\Nabídka Start\Programy
2013-11-22 15:25 - 2006-09-10 04:25 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-11-22 15:01 - 2013-11-22 14:49 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\UCA
2013-11-22 14:57 - 2013-11-22 14:57 - 00000784 ___SH C:\windows\system\actualspystart.lnk
2013-11-22 14:14 - 2013-11-22 14:05 - 00000000 ____D C:\Program Files\HomeKeylogger
2013-11-21 14:24 - 2013-11-21 14:24 - 00040591 _____ C:\Documents and Settings\Lenka\Plocha\a.eps
2013-11-21 13:20 - 2013-11-21 13:20 - 00026613 _____ C:\Documents and Settings\Lenka\Plocha\3.eps
2013-11-21 12:00 - 2013-11-21 12:00 - 00035674 _____ C:\Documents and Settings\Lenka\Plocha\Grafika2.eps
2013-11-20 14:29 - 2013-11-19 18:31 - 00102945 _____ C:\Documents and Settings\Lenka\Plocha\stribr.eps
2013-11-20 14:09 - 2013-11-20 14:09 - 00036048 _____ C:\Documents and Settings\Lenka\Plocha\Grafika12.eps
2013-11-20 14:05 - 2006-09-10 14:40 - 00000000 ____D C:\Documents and Settings\Lenka\Data aplikací\vlc
2013-11-20 08:50 - 2013-11-20 08:50 - 00066330 _____ C:\Documents and Settings\Lenka\Plocha\Grafika11.eps
2013-11-20 07:50 - 2006-09-10 13:18 - 00001638 _____ C:\windows\WINCMD.INI
2013-11-20 07:46 - 2013-11-20 07:46 - 00139164 _____ C:\Documents and Settings\Lenka\Plocha\modra oranz.eps
2013-11-19 18:31 - 2013-11-19 18:31 - 00162091 _____ C:\Documents and Settings\Lenka\Plocha\bi.eps
2013-11-19 16:25 - 2012-04-17 14:41 - 00000643 ____H C:\windows\system32\GelSprinter GX e2600.CAC
2013-11-19 16:19 - 2013-11-19 16:19 - 00045609 _____ C:\Documents and Settings\Lenka\Plocha\logo.eps
2013-11-19 16:13 - 2013-11-19 16:13 - 00089762 _____ C:\Documents and Settings\Lenka\Plocha\inmoti1.eps
2013-11-19 15:50 - 2013-11-19 15:50 - 00156436 _____ C:\Documents and Settings\Lenka\Plocha\inmoti.eps
2013-11-19 15:30 - 2006-10-10 07:49 - 00000000 ____D C:\Documents and Settings\Lenka\Plocha\Nepoužívané odkazy plochy
2013-11-19 15:22 - 2013-11-19 15:22 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache
2013-11-19 15:22 - 2013-11-19 15:22 - 00000000 ___RD C:\Documents and Settings\Administrator\Oblíbené položky
2013-11-19 15:22 - 2013-11-13 11:40 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2013-11-19 15:22 - 2013-11-13 11:40 - 00000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2013-11-19 15:22 - 2013-11-13 11:40 - 00000000 ____D C:\Documents and Settings\Administrator
2013-11-19 15:02 - 2001-10-25 15:00 - 00001415 _____ C:\windows\win.ini
2013-11-19 12:44 - 2013-11-19 12:44 - 00057828 _____ C:\Documents and Settings\Lenka\Plocha\Grafika3.eps
2013-11-19 08:45 - 2013-11-19 08:45 - 00283137 _____ C:\Documents and Settings\Lenka\.recently-used.xbel
2013-11-19 08:45 - 2013-11-19 08:45 - 00012967 _____ C:\Documents and Settings\Lenka\Plocha\ZÁDA vesmír.eps
2013-11-19 08:45 - 2008-04-08 16:33 - 00000000 ____D C:\Documents and Settings\Lenka\Data aplikací\gtk-2.0
2013-11-19 08:07 - 2013-11-19 08:07 - 00031676 _____ C:\Documents and Settings\Lenka\Plocha\What´s your language.eps
2013-11-18 07:24 - 2012-05-24 12:38 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-16 10:01 - 2013-11-16 09:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-16 09:33 - 2006-09-09 20:42 - 00000000 ____D C:\windows\system32\Restore
2013-11-15 12:25 - 2013-11-15 12:25 - 00051422 _____ C:\Documents and Settings\Lenka\Plocha\obr. 1.eps
2013-11-15 12:25 - 2013-11-15 12:25 - 00008538 _____ C:\Documents and Settings\Lenka\Plocha\obr.3.eps
2013-11-15 12:24 - 2013-11-15 12:24 - 00040257 _____ C:\Documents and Settings\Lenka\Plocha\obr.2.eps
2013-11-15 08:54 - 2013-11-15 08:54 - 00119721 _____ C:\windows\FontData.fdb
2013-11-14 19:57 - 2013-03-18 13:02 - 00000000 ____D C:\Program Files\Trell
2013-11-14 19:57 - 2012-03-02 16:28 - 00000000 ____D C:\Documents and Settings\Lenka\Nabídka Start\Programy\DoubleGames
2013-11-14 19:57 - 2012-03-02 16:27 - 00000000 ____D C:\Program Files\DoubleGames.tv
2013-11-14 19:56 - 2007-12-24 23:51 - 00000000 ____D C:\Program Files\Corel
2013-11-14 18:30 - 2008-01-09 22:44 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CorelDRAW Graphics Suite X3
2013-11-14 18:21 - 2010-09-27 16:24 - 00001464 _____ C:\Documents and Settings\Lenka\Local Settings\Data aplikací\SRDownloader(2).nast
2013-11-14 18:20 - 2010-09-27 16:17 - 02448062 _____ C:\Documents and Settings\Lenka\Local Settings\Data aplikací\SRDownloader(2).err
2013-11-14 16:55 - 2006-09-17 13:06 - 00240088 _____ C:\Documents and Settings\Lenka\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2013-11-14 16:53 - 2007-12-24 23:52 - 00000995 _____ C:\Documents and Settings\All Users\Nabídka Start\Program Updates.lnk
2013-11-14 16:53 - 2006-09-10 04:25 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start
2013-11-14 16:04 - 2011-09-02 10:38 - 00001689 _____ C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2013-11-14 16:04 - 2006-09-09 20:45 - 00002548 _____ C:\windows\system32\CONFIG.NT
2013-11-14 16:00 - 2006-09-10 04:23 - 00646560 _____ C:\windows\system32\FNTCACHE.DAT
2013-11-14 15:59 - 2006-09-09 20:52 - 00000000 __SHD C:\Documents and Settings\LocalService
2013-11-14 15:59 - 2006-09-09 20:41 - 00000000 ____D C:\windows\Registration
2013-11-14 15:58 - 2013-11-14 15:58 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy\Příslušenství
2013-11-14 15:58 - 2013-11-14 15:58 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
2013-11-14 15:58 - 2013-11-14 15:58 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start
2013-11-14 15:58 - 2013-11-14 15:58 - 00000000 ___HD C:\Documents and Settings\Administrator\Okolní tiskárny
2013-11-14 15:58 - 2013-11-14 15:58 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha
2013-11-14 15:58 - 2013-11-14 15:58 - 00000000 ____D C:\Documents and Settings\Administrator\Nabídka Start\Programy
2013-11-14 15:58 - 2013-11-13 11:40 - 00000000 __RHD C:\Documents and Settings\Administrator\Data aplikací
2013-11-14 15:58 - 2013-11-13 11:40 - 00000000 ____D C:\Documents and Settings\Administrator\Šablony
2013-11-14 09:09 - 2009-04-11 13:02 - 00008192 ____H C:\windows\system32\config\SECURITY.tmp.LOG
2013-11-14 09:09 - 2006-09-10 04:23 - 00053248 _____ C:\windows\system32\config\SECURITY.bak
2013-11-14 09:09 - 2006-09-10 04:23 - 00028672 _____ C:\windows\system32\config\SAM.bak
2013-11-14 09:09 - 2006-09-10 04:21 - 33435648 _____ C:\windows\system32\config\software.bak
2013-11-14 09:09 - 2006-09-10 04:21 - 11272192 _____ C:\windows\system32\config\system.bak
2013-11-14 09:09 - 2006-09-10 04:21 - 00299008 _____ C:\windows\system32\config\default.bak
2013-11-13 21:15 - 2013-11-13 21:15 - 00000000 ___RD C:\Documents and Settings\Lenka\Dokumenty\Filmy
2013-11-13 21:15 - 2006-09-09 20:53 - 00000000 ___RD C:\Documents and Settings\Lenka\Dokumenty
2013-11-13 07:43 - 2006-09-10 04:26 - 01215008 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-11 12:47 - 2007-08-12 14:45 - 00001833 _____ C:\windows\MAILTRAN.INI
2013-11-08 15:20 - 2013-11-08 15:20 - 00000018 _____ C:\Documents and Settings\Lenka\Dokumenty\teamwiewer.txt
2013-11-08 11:13 - 2013-11-08 11:13 - 00000000 ____D C:\Program Files\Aplikace MB1
2013-11-08 10:55 - 2013-11-06 14:58 - 00000000 ____D C:\Program Files\Aplikace MB
2013-11-07 12:51 - 2013-11-07 12:50 - 11841601 _____ C:\Documents and Settings\Lenka\Plocha\Canon_iC_MF5730_300_64.zip
2013-11-07 12:45 - 2013-11-07 12:45 - 11988096 _____ C:\Documents and Settings\Lenka\Plocha\MF5770_MFDrivers_W64_us_EN.exe
2013-11-04 08:07 - 2008-04-08 16:07 - 00000000 ____D C:\Documents and Settings\Lenka\.gimp-2.4
2013-10-29 18:32 - 2013-10-04 10:21 - 00000000 ____D C:\Documents and Settings\Lenka\Data aplikací\TeamViewer
2013-10-29 11:48 - 2009-03-31 21:46 - 00000000 ____D C:\Documents and Settings\Lenka\Plocha\pismo

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-17 14:49] - [2008-04-14 07:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2004-08-17 14:49] - [2008-04-14 07:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2004-08-17 14:49] - [2008-04-14 07:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2004-08-17 14:49] - [2008-04-14 07:52] - 0108544 ____A (Microsoft Corporation) f0d2ae69035092bf22dad6b50fab85c2

C:\Windows\System32\User32.dll
[2004-08-17 14:49] - [2008-04-14 07:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2004-08-17 14:49] - [2008-04-14 07:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2004-08-17 14:44] - [2008-04-14 06:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1





===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:149.04 GB) (Free:76.54 GB) NTFS

Available physical RAM: 2313.38 MB
Total physical RAM: 2985.18 MB
Percentage of memory in use: 22%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 149 GB) (Disk ID: 2C222C22)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:2F141B68
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:638E6F6B
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:F46D2E85

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Eset NOD32 Antivirus 2.70 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Lenka\Plocha" je 33705 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo R285 Series
C:\windows\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE /FU "C:\windows\TEMP\E_S82C.tmp" /EF "HKCU" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ESDUSBMon.exe
C:\windows\system32\ESDUSBMon.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
C:\windows\system32\hkcmd.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
C:\windows\system32\igfxtray.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\windows\system32\igfxpers.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\qttask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL
"C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware
C:\Program Files\TO2SSM\McciTrayApp.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TO2SSM_McciTrayApp
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Belkin Wireless Networking Utility.lnk
C:\PROGRA~1\Belkin\F6D4050\v1\BELKIN~1.EXE -t [x]


HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
SentinelKeysServer REG_DWORD 0x2
ProtexisLicensing REG_DWORD 0x2

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\QIP\\qip.exe"="C:\\Program Files\\QIP\\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\\Program Files\\ICQ6.5\\ICQ.exe"="C:\\Program Files\\ICQ6.5\\ICQ.exe:*:Enabled:ICQ6"
"C:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel Protection Server\\WinNT\\spnsrvnt.exe"="C:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel Protection Server\\WinNT\\spnsrvnt.exe:*:Enabled:Sentinel Protection Server"
"C:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel Keys Server\\sntlkeyssrvr.exe"="C:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel Keys Server\\sntlkeyssrvr.exe:*:Enabled:Sentinel Keys Server"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\WINDOWS\\system32\\SAiLicSvr.exe"="C:\\WINDOWS\\system32\\SAiLicSvr.exe:*:Enabled:SAi Production Suite_SAi License Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"12855:TCP"="12855:TCP:*:Disabled:BitComet 12855 TCP"
"12855:UDP"="12855:UDP:*:Disabled:BitComet 12855 UDP"
"9420:TCP"="9420:TCP:*:Enabled:Red Swoosh"
"5000:UDP"="5000:UDP:*:Enabled:Red Swoosh"
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

[sisina55]

Prosím, co s tím dál? Nebo je to takhle vyčištěné? Děkuji

[vyosek]

Omlouvam se, nejak jsem ted nestihal...

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [cesuz] - C:\Documents and Settings\Lenka\Plocha\Nepoužívané odkazy plochy\cs-CZ\cesuz.exe [274432 2007-09-27] ()
  
  HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
  SearchScopes: HKLM - DefaultScope value is missing.
  SearchScopes: HKCU - ${searchCLSID} URL = http://search.yahoo.com/search?ei=ISO-8 ... =megaup&q={searchTerms}
  oolbar: HKCU - No Name - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
  Toolbar: HKCU - No Name - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No File
  
  FF Extension: SearchNewTab - C:\Documents and Settings\Lenka\Data aplikací\Mozilla\Firefox\Profiles\8csubig4.default-1366784520796\Extensions\jynrcbggms@oohzie.net
  FF Extension: sAvvensharE - C:\Documents and Settings\Lenka\Data aplikací\Mozilla\Firefox\Profiles\8csubig4.default-1366784520796\Extensions\tymm@rvfmao.co.uk
  FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\Extensions.rdf
  FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\installed-extensions-processed.txt
  FF HKCU\...\Firefox\Extensions: [eliteproxyswitcher@my-proxy.com] - 
  
  S3 BtAudio; system32\DRIVERS\btaudio.sys [x]
  S3 BTDriver; system32\DRIVERS\btport.sys [x]
  S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [x]
  S3 BTWUSB; System32\Drivers\btwusb.sys [x]
  S3 catchme; \??\C:\DOCUME~1\Lenka\LOCALS~1\Temp\catchme.sys [x]
  S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [x]
  S4 IntelIde; No ImagePath
  S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [x]
  S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x]
  S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x]
  S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [x]
  S3 NTACCESS; \??\D:\NTACCESS.sys [x]
  S3 PAC207; system32\DRIVERS\pfc027.sys [x]
  S2 Par1284; \??\C:\Program Files\SAi\SAi Production Suite\Program\Par1284.sys [x]
  S3 rkhdrv40; No ImagePath
  S3 rt2870; system32\DRIVERS\rt2870.sys [x]
  U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
  S3 SetupNTGLM7X; \??\D:\NTGLM7X.sys [x]
  
  Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
  
  AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:2F141B68
  AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:638E6F6B
  AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:F46D2E85
  
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo R285 Series" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware
  
  Hosts:
  CMD: shutdown /r /f /t 2
  
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[sisina55]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 25-11-2013 01
Ran by Lenka at 2013-11-27 11:05:40 Run:1
Running from C:\Documents and Settings\Lenka\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [cesuz] - C:\Documents and Settings\Lenka\Plocha\Nepoužívané odkazy plochy\cs-CZ\cesuz.exe [274432 2007-09-27] ()

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - ${searchCLSID} URL = http://search.yahoo.com/search?ei=ISO-8 ... =megaup&q={searchTerms}
oolbar: HKCU - No Name - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
Toolbar: HKCU - No Name - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No File

FF Extension: SearchNewTab - C:\Documents and Settings\Lenka\Data aplikací\Mozilla\Firefox\Profiles\8csubig4.default-1366784520796\Extensions\jynrcbggms@oohzie.net
FF Extension: sAvvensharE - C:\Documents and Settings\Lenka\Data aplikací\Mozilla\Firefox\Profiles\8csubig4.default-1366784520796\Extensions\tymm@rvfmao.co.uk
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\Extensions.rdf
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\installed-extensions-processed.txt
FF HKCU\...\Firefox\Extensions: [eliteproxyswitcher@my-proxy.com] -

S3 BtAudio; system32\DRIVERS\btaudio.sys [x]
S3 BTDriver; system32\DRIVERS\btport.sys [x]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [x]
S3 BTWUSB; System32\Drivers\btwusb.sys [x]
S3 catchme; \??\C:\DOCUME~1\Lenka\LOCALS~1\Temp\catchme.sys [x]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [x]
S4 IntelIde; No ImagePath
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [x]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [x]
S3 NTACCESS; \??\D:\NTACCESS.sys [x]
S3 PAC207; system32\DRIVERS\pfc027.sys [x]
S2 Par1284; \??\C:\Program Files\SAi\SAi Production Suite\Program\Par1284.sys [x]
S3 rkhdrv40; No ImagePath
S3 rt2870; system32\DRIVERS\rt2870.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SetupNTGLM7X; \??\D:\NTGLM7X.sys [x]

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:2F141B68
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:638E6F6B
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:F46D2E85

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo R285 Series" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\cesuz => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\${searchCLSID} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\${searchCLSID} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE5D279F-081B-4404-994D-C6B60AAEBA6D} => Value deleted successfully.
HKCR\CLSID\{EE5D279F-081B-4404-994D-C6B60AAEBA6D} => Key not found.
C:\Documents and Settings\Lenka\Data aplikací\Mozilla\Firefox\Profiles\8csubig4.default-1366784520796\Extensions\jynrcbggms@oohzie.net => Moved successfully.
C:\Documents and Settings\Lenka\Data aplikací\Mozilla\Firefox\Profiles\8csubig4.default-1366784520796\Extensions\tymm@rvfmao.co.uk => Moved successfully.
C:\Program Files\Mozilla Firefox\extensions\Extensions.rdf => Moved successfully.
C:\Program Files\Mozilla Firefox\extensions\installed-extensions-processed.txt => Moved successfully.
HKCU\Software\Mozilla\Firefox\Extensions\\FF HKCU\...\Firefox\Extensions: [eliteproxyswitcher@my-proxy.com] - => Value not found.
BtAudio => Service deleted successfully.
BTDriver => Service deleted successfully.
BTWDNDIS => Service deleted successfully.
BTWUSB => Service deleted successfully.
catchme => Service deleted successfully.
GMSIPCI => Service deleted successfully.
IntelIde => Service deleted successfully.
MREMP50a64 => Service deleted successfully.
MREMPR5 => Service deleted successfully.
MRENDIS5 => Service deleted successfully.
MRESP50a64 => Service deleted successfully.
NTACCESS => Service deleted successfully.
PAC207 => Service deleted successfully.
Par1284 => Service deleted successfully.
rkhdrv40 => Service deleted successfully.
rt2870 => Service deleted successfully.
ScsiPort => Service deleted successfully.
SetupNTGLM7X => Service deleted successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\avast! Emergency Update.job => Moved successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":2F141B68" ADS removed successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":638E6F6B" ADS removed successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":F46D2E85" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo R285 Series" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware =========



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

[vyosek]

Jak se chova PC

[sisina55]

Háčky a čárky už jsou ok, možná se pc malinko zpomalil ale to je možná jen můj pocit. Nic jiného nepozoruji.

[vyosek]

Tak jeste uklidime

Odinstalujte Combofix

• Prejmenujte ComboFix na Uninstall
• Spustte jej
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

[sisina55]

Moc děkuji

[vyosek]

Nemate zac, rad jsem pomohl Zase nekdy

A na zaklade Pravidla o zamykani temat