
Google won't load, malware, log

Adun
Visitor
Posts: 8
Registered: 14 Nov 2014 19:43


#1 Post by Adun »

Hello,

Google won't load for me. It works for a while after I restart the modem and the browser, but after a minute the problem comes back. Google Help says it is malware. So I'm asking for help, please :)

FRST log:


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-11-2014 01
Ran by uu (administrator) on NOTEBOOK on 14-11-2014 19:23:57
Running from C:\Documents and Settings\uu\Plocha
Loaded Profile: uu (Available profiles: uu)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 6
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ALWIL Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Logitech Inc.) C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(ALWIL Software) C:\PROGRA~1\ALWILS~1\Avast5\AvastUI.exe
(forum.viry.cz) C:\Documents and Settings\uu\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [avast5] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2815192 2010-05-06] (ALWIL Software)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
Winlogon\Notify\cryptnet32: cryptnet32.dll [X]
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\Run: [Ivana] => C:\Documents and Settings\uu\Data aplikací\Ozroz\qywyy.exe [241771 2011-10-05] ()
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {47791368-e04d-11df-8da7-0014222e7ef9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {58ff4a75-d1e7-11e2-92ae-0014222e7ef9} - G:\PXRoute.exe
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {be616eda-e81d-11df-8db7-0014222e7ef9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {c4e06a26-e044-11df-8da5-0014222e7ef9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {c4e06a27-e044-11df-8da5-0014222e7ef9} - F:\setup_vmc_lite.exe /checkApplicationPresence
Lsa: [Authentication Packages] msv1_0 nwprovau
AlternateShell:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=15000
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://search.localstrike.com.ar" <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {33D59858-89D9-4AC2-A956-93875EB02323} URL = http://search.localstrike.com.ar/?q={se ... {startPage}
SearchScopes: HKCU - {33D59858-89D9-4AC2-A956-93875EB02323} URL = http://search.localstrike.com.ar/?q={se ... {startPage}
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: Shopping Suggestion -> {F6C07882-D703-4DD5-905A-2C4E815A5066} -> C:\Documents and Settings\uu\Data aplikací\D394D188-BAC7-4e03-8FAF-389A4D7EC6F4\Shopping Suggestion.dll (WW3, LLC)
DPF: {26CF0ECA-50B9-411D-BA37-86BD6AD53382} http://www.starstable.com/plugin/PXStudioRuntimeAX.cab
DPF: {32505657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mvadvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: https://search.yahoo.com/search?ei=utf- ... &ilc=12&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\searchplugins\yahoo_ff.xml
FF Extension: VLC Addon - C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\Extensions\toolbarbutton@vlc.info [2014-01-20]
FF Extension: No Name - C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9} [2013-10-30]
FF Extension: Babylon-English Toolbar - C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\Extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad} [2010-11-18]
FF Extension: Seznam lištička - C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-06-10]
FF Extension: . - C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\Extensions\{4e38134d-ba98-4066-b898-e296d8acc938}.xpi [2014-01-27]
FF Extension: Shopping Suggestion - C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\Extensions\{D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}.xpi [2014-01-27]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-05-17]
FF Extension: No Name - C:\Program Files\Dealio Toolbar\FF [Not Found]
FF Extension: No Name - C:\Program Files\Common Files\Spigot\wtxpcom [Not Found]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (MindMup Desktop - Free Mind Mapping) - C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\eealagocaipaflcjmeapmobpmilffopi [2014-11-13]
CHR Extension: (Úpravy souborů Office) - C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2014-11-05]
CHR Extension: (Uložit na Disk Google) - C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-11-13]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-11-13]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (ActiveInbox for Gmail™) - C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\oeehiifcaeengdofhogmkblhkmpephcj [2014-11-13]
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - []
CHR HKLM\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files\Betcat\WebCakeLayers.crx []

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-05-06] (ALWIL Software)
S3 avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-05-06] (ALWIL Software)
S3 avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-05-06] (ALWIL Software)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-07-17] (Sun Microsystems, Inc.)
R2 LVPrcSrv; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [99888 2006-06-26] (Logitech Inc.)
S2 LVSrvLauncher; C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe [91696 2006-06-26] (Logitech Inc.)
R2 NWCWorkstation; C:\WINDOWS\System32\nwwks.dll [65536 2008-04-14] (Microsoft Corporation)
S4 ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [174656 2006-11-02] () [File not signed]
S2 SavevidService; C:\Program Files\Savevid\SavevidService.exe [796160 2014-08-14] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
S2 WebCake Desktop Updater; C:\Program Files\Betcat\WBDesktop.Updater.1.0.0.16.exe [51992 2013-08-16] (cake bake)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Aavmker4; C:\WINDOWS\system32\Drivers\Aavmker4.sys [28880 2010-05-06] (ALWIL Software)
R2 aswFsBlk; C:\WINDOWS\system32\Drivers\aswFsBlk.sys [19024 2010-05-06] (ALWIL Software)
R2 aswMon2; C:\WINDOWS\system32\Drivers\aswMon2.sys [100432 2010-05-06] (ALWIL Software)
S3 aswRdr; C:\WINDOWS\system32\Drivers\aswRdr.sys [23376 2010-05-06] (ALWIL Software)
R1 aswSP; C:\WINDOWS\system32\Drivers\aswSP.sys [164048 2010-05-06] (ALWIL Software)
R1 aswTdi; C:\WINDOWS\system32\Drivers\aswTdi.sys [46672 2010-05-06] (ALWIL Software)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [16384 2004-07-09] (Microsoft Corporation)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
S3 hwusbfake; C:\WINDOWS\System32\DRIVERS\ewusbfake.sys [100480 2009-07-23] (Huawei Technologies Co., Ltd.)
S3 LVcKap; C:\WINDOWS\System32\DRIVERS\LVcKap.sys [1587632 2006-06-26] (Logitech Inc.)
S3 LVMVDrv; C:\WINDOWS\System32\DRIVERS\LVMVDrv.sys [1952816 2006-06-26] (Logitech Inc.)
R3 LVPr2Mon; C:\WINDOWS\System32\drivers\LVPr2Mon.sys [23472 2006-06-26] ()
S3 LVUSBSta; C:\WINDOWS\System32\drivers\lvusbsta.sys [38960 2006-06-22] (Logitech Inc.)
R3 mcdbus; C:\WINDOWS\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10112 2004-07-09] (Microsoft Corporation)
S3 nm; C:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-14] (Microsoft Corporation)
R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-14] (Microsoft Corporation)
R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2008-04-14] (Microsoft Corporation)
R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2008-04-14] (Microsoft Corporation)
R3 NWRDR; C:\WINDOWS\System32\DRIVERS\nwrdr.sys [163584 2008-04-14] (Microsoft Corporation)
S3 PID_0928; C:\WINDOWS\System32\DRIVERS\LV561AV.SYS [293808 2006-06-22] (Logitech Inc.)
R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology) [File not signed]
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
R3 VClone; C:\WINDOWS\System32\DRIVERS\VClone.sys [29696 2009-05-23] (Elaborate Bytes AG) [File not signed]
S3 aic32p; \??\C:\WINDOWS\system32\drivers\llepgk.sys [X]
S3 cpuz132; \??\C:\DOCUME~1\uu\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
U1 WS2IFSL; No ImagePath
S3 XDva349; \??\C:\WINDOWS\system32\XDva349.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-14 19:23 - 2014-11-14 19:24 - 00016310 _____ () C:\Documents and Settings\uu\Plocha\FRST.txt
2014-11-14 19:21 - 2014-11-14 19:24 - 00000000 ____D () C:\FRST
2014-11-14 19:20 - 2014-11-14 19:20 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\uu\Plocha\FRSTLauncher.exe
2014-11-14 19:18 - 2014-11-14 19:18 - 01108480 _____ (Farbar) C:\Documents and Settings\uu\Plocha\FRST.exe
2014-11-14 19:03 - 2014-11-14 19:03 - 00388608 _____ (Trend Micro Inc.) C:\HijackThis.exe
2014-11-14 18:47 - 2014-11-14 18:51 - 00000000 ____D () C:\AdwCleaner
2014-11-07 19:45 - 2014-11-07 19:45 - 00000000 ____D () C:\Learned optimism
2014-11-07 19:04 - 2014-11-07 19:04 - 00125666 _____ () C:\bc_prace_final.txt
2014-11-07 10:38 - 2014-11-07 10:38 - 00012372 _____ () C:\Pax_BTM_Vienna.xlsx
2014-11-04 14:10 - 2014-11-04 14:32 - 67593334 _____ () C:\Little Black Book of Connections.part2.rar
2014-11-03 07:53 - 2014-11-03 07:53 - 00000000 ___RD () C:\Program Files\Skype
2014-11-03 07:53 - 2014-11-03 07:53 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-11-03 07:53 - 2014-11-03 07:53 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
2014-11-03 07:52 - 2014-11-03 07:52 - 00000000 ____D () C:\Documents and Settings\uu\Nabídka Start\Programy\ICCup Launcher
2014-11-03 07:51 - 2014-11-03 07:51 - 00000000 ____D () C:\Program Files\Valve
2014-11-03 07:51 - 2014-11-03 07:51 - 00000000 ____D () C:\Program Files\KraiSoft
2014-11-03 07:51 - 2014-11-03 07:51 - 00000000 ____D () C:\Program Files\Guitar Pro 5
2014-11-03 07:51 - 2014-11-03 07:51 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Wise Registry Cleaner Free
2014-10-29 15:11 - 2014-11-03 07:49 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Star Stable
2014-10-20 20:00 - 2014-10-20 19:59 - 00090112 _____ () C:\WINDOWS\Minidump\Mini102014-01.dmp
2014-10-19 03:10 - 2014-11-07 22:44 - 00027765 _____ () C:\WINDOWS\setupapi.log
2014-10-19 03:10 - 2014-11-03 07:52 - 00000000 ____D () C:\Documents and Settings\uu\Data aplikací\Tunngle
2014-10-19 03:10 - 2014-10-19 03:10 - 00000000 ____D () C:\Documents and Settings\uu\Dokumenty\Tunngle
2014-10-19 02:36 - 2014-11-03 07:53 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\GarenaMessenger
2014-10-17 06:41 - 2014-11-14 18:30 - 00000000 ____D () C:\Program Files\Skype(2)
2014-10-15 19:16 - 2014-11-14 09:32 - 00055700 _____ () C:\WINDOWS\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-14 19:24 - 2010-04-26 15:18 - 00000000 ____D () C:\Documents and Settings\uu\Local Settings\Temp
2014-11-14 19:23 - 2010-04-26 15:18 - 00000000 ____D () C:\Documents and Settings\uu\Plocha
2014-11-14 19:21 - 2010-04-26 15:18 - 00000000 ___HD () C:\Documents and Settings\uu\Local Settings\Data aplikací
2014-11-14 19:03 - 2012-06-12 17:30 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-14 19:00 - 2014-01-20 20:13 - 00000260 _____ () C:\WINDOWS\Tasks\SpeedUpMyPC Maintenance.job
2014-11-14 18:51 - 2010-05-15 20:27 - 00000000 ____D () C:\Documents and Settings\uu\Data aplikací\foobar2000
2014-11-14 18:48 - 2011-01-22 18:23 - 00000000 ____D () C:\Documents and Settings\uu\Data aplikací\vlc
2014-11-14 18:42 - 2010-05-22 12:45 - 00000000 ____D () C:\MP3
2014-11-14 18:32 - 2014-07-05 13:11 - 00000356 _____ () C:\WINDOWS\Tasks\{4CE76CC6-5163-7485-CE5B-964C407C6E45}.job
2014-11-14 18:32 - 2014-06-27 12:54 - 00000338 _____ () C:\WINDOWS\Tasks\{6D5917A0-65C2-0C3B-6734-0E49CA03F148}.job
2014-11-14 18:32 - 2014-01-20 20:13 - 00000254 _____ () C:\WINDOWS\Tasks\SpeedUpMyPC Startup.job
2014-11-14 18:32 - 2014-01-20 20:12 - 00000350 ____H () C:\WINDOWS\Tasks\couponsupport-S-649636217.job
2014-11-14 18:32 - 2012-06-12 17:30 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-14 18:32 - 2010-04-26 15:18 - 00000178 ___SH () C:\Documents and Settings\uu\ntuser.ini
2014-11-14 18:32 - 2008-04-14 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-11-14 18:30 - 2014-01-20 20:12 - 00000000 ____D () C:\Program Files\VLC Player GPU+
2014-11-14 18:30 - 2010-04-26 15:18 - 00000000 ____D () C:\Documents and Settings\uu\Dokumenty
2014-11-14 18:29 - 2014-10-02 14:27 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-11-14 18:29 - 2010-04-26 16:19 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-11-14 18:29 - 2010-04-26 16:19 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-11-14 18:29 - 2010-04-26 16:17 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-11-14 18:29 - 2010-04-26 15:18 - 00000000 ___RD () C:\Documents and Settings\uu\Nabídka Start\Programy\Po spuštění
2014-11-14 18:29 - 2010-04-26 15:18 - 00000000 ___RD () C:\Documents and Settings\uu\Nabídka Start\Programy
2014-11-14 18:28 - 2010-12-29 15:45 - 00000000 ____D () C:\Program Files\TweakNow RegCleaner
2014-11-14 18:28 - 2010-12-29 15:45 - 00000000 ____D () C:\Documents and Settings\uu\Data aplikací\TweakNow RegCleaner
2014-11-14 18:28 - 2010-06-08 07:05 - 00000000 ____D () C:\Program Files\rajce
2014-11-14 18:27 - 2010-07-23 20:32 - 00000000 ____D () C:\Documents and Settings\uu\Nabídka Start\Programy\CoolboySoft
2014-11-14 18:25 - 2014-01-20 20:09 - 00000000 ____D () C:\Documents and Settings\uu\Local Settings\Data aplikací\Mobogenie
2014-11-14 18:17 - 2011-04-15 10:28 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-11-14 18:17 - 2010-04-26 16:19 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2014-11-14 18:16 - 2014-07-30 11:58 - 00000000 ____D () C:\Program Files\Application Updater
2014-11-14 18:16 - 2010-04-26 15:18 - 00000000 __RHD () C:\Documents and Settings\uu\Data aplikací
2014-11-14 18:15 - 2013-06-30 16:12 - 00000000 ____D () C:\Documents and Settings\uu\Nabídka Start\Programy\KraiSoft Entertainment
2014-11-14 14:19 - 2010-05-20 18:06 - 00000000 ____D () C:\Documents and Settings\uu\Data aplikací\Skype
2014-11-13 21:00 - 2010-04-26 15:18 - 00032012 _____ () C:\WINDOWS\SchedLgU.Txt
2014-11-13 19:31 - 2010-08-05 10:04 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2014-11-13 19:31 - 2010-08-05 10:04 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-11-13 19:31 - 2010-04-26 15:18 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-07 22:55 - 2010-05-14 16:34 - 00000000 ____D () C:\Robertos Amigos
2014-11-06 01:33 - 2010-05-14 16:45 - 00209920 _____ () C:\Documents and Settings\uu\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-04 20:55 - 2010-06-13 11:43 - 00000000 ____D () C:\Documents and Settings\uu\Local Settings\Data aplikací\Adobe
2014-11-03 09:28 - 2014-10-02 17:04 - 00033512 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2014-11-03 07:59 - 2010-04-26 16:20 - 01021292 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-03 07:57 - 2010-05-14 13:57 - 00033512 _____ () C:\Documents and Settings\uu\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2014-11-03 07:55 - 2010-04-26 16:17 - 00185016 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-03 07:54 - 2010-04-26 15:18 - 00000000 ____D () C:\Documents and Settings\uu
2014-11-03 07:54 - 2010-04-26 15:17 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-11-03 07:54 - 2010-04-26 15:16 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-11-03 07:54 - 2010-04-26 15:04 - 00000000 ____D () C:\WINDOWS\Registration
2014-11-03 07:49 - 2013-05-21 16:26 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\StarStableOnline
2014-11-01 17:59 - 2011-12-16 23:10 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-10-29 15:11 - 2010-04-27 11:29 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-20 20:00 - 2010-10-21 05:36 - 00000000 ____D () C:\WINDOWS\Minidump
2014-10-19 13:01 - 2010-04-26 16:19 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokumenty
2014-10-17 06:41 - 2010-05-20 18:05 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Skype
2014-10-15 12:59 - 2010-06-26 19:56 - 00000000 ____D () C:\Documents and Settings\uu\Data aplikací

Files to move or delete:
====================
C:\Documents and Settings\KBCertifikat\lkpdetect.exe
C:\Documents and Settings\uu\jagex_runescape_preferences.dat
C:\Documents and Settings\uu\jagex_runescape_preferences2.dat
C:\Windows\Tasks\{4CE76CC6-5163-7485-CE5B-964C407C6E45}.job
C:\Windows\Tasks\{6D5917A0-65C2-0C3B-6734-0E49CA03F148}.job


Some content of TEMP:
====================
C:\Documents and Settings\uu\Local Settings\Temp\A~NSISu_.exe
C:\Documents and Settings\uu\Local Settings\Temp\bi_cleaner.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:74.5 GB) (Free:7.09 GB) NTFS ==>[Drive with boot components (Windows XP)]

Available physical RAM: 718.21 MB
Total physical RAM: 1014.07 MB
Percentage of memory in use: 29%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 74.5 GB) (Disk ID: D371D371)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\couponsupport-S-649636217.job => c:\support\couponsupport.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SpeedUpMyPC Startup.job => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\{4CE76CC6-5163-7485-CE5B-964C407C6E45}.job => C:\Documents and Settings\uu\Data aplikací\yFjYZvJE\ISGctQPz\iEZWxSBf\vVWfyUmwj.exe
Task: C:\WINDOWS\Tasks\{6D5917A0-65C2-0C3B-6734-0E49CA03F148}.job => C:\Documents and Settings\uu\Data aplikací\apple computer\logs\ytomfrr.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\uu\Plocha" je 744 MB.


***** Startup Programs *****


HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
ProtexisLicensing REG_DWORD 0x2
wuauserv REG_DWORD 0x2
ose REG_DWORD 0x3
JavaQuickStarterService REG_DWORD 0x2
FLEXnet Licensing Service REG_DWORD 0x3
Bonjour Service REG_DWORD 0x2

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Opera\\opera.exe"="C:\\Program Files\\Opera\\opera.exe:*:Enabled:Opera Internet Browser"
"C:\\totalcmd\\TOTALCMD.EXE"="C:\\totalcmd\\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\\Robertos Amigos\\Games\\Counter-Strike Source\\hl2.exe"="C:\\Robertos Amigos\\Games\\Counter-Strike Source\\hl2.exe:*:Disabled:hl2"
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\\Robertos Amigos\\Games\\freecraft.exe"="C:\\Robertos Amigos\\Games\\freecraft.exe:*:Enabled:freecraft"
"C:\\Robertos Amigos\\Games\\FreeCraft\\freecraft.exe"="C:\\Robertos Amigos\\Games\\FreeCraft\\freecraft.exe:*:Enabled:freecraft"
"C:\\Robertos Amigos\\Games\\Counter-Strike 1.6 NS\\hl.exe"="C:\\Robertos Amigos\\Games\\Counter-Strike 1.6 NS\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Robertos Amigos\\Warcraft 3 CZ 1.24c + Battle.net + Addony\\Warcraft III\\Warcraft III.exe"="C:\\Robertos Amigos\\Warcraft 3 CZ 1.24c + Battle.net + Addony\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\\Robertos Amigos\\Games\\Warcraft III\\Warcraft III.exe"="C:\\Robertos Amigos\\Games\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Adobe\\Adobe Dreamweaver CS3\\Dreamweaver.exe"="C:\\Program Files\\Adobe\\Adobe Dreamweaver CS3\\Dreamweaver.exe:*:Enabled:Adobe Dreamweaver CS3"
"C:\\Robertos Amigos\\Games\\NeverwinterNights\\NWN\\nwmain.exe"="C:\\Robertos Amigos\\Games\\NeverwinterNights\\NWN\\nwmain.exe:*:Enabled:Neverwinter Nights"
"C:\\Program Files\\Miranda IM\\miranda32.exe"="C:\\Program Files\\Miranda IM\\miranda32.exe:*:Enabled:Miranda IM"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Opera USB 10.62\\opera.exe"="C:\\Program Files\\Opera USB 10.62\\opera.exe:*:Enabled:Opera Internet Browser"
"C:\\Robertos Amigos\\Games\\Glest_3.2.2\\glest.exe"="C:\\Robertos Amigos\\Games\\Glest_3.2.2\\glest.exe:*:Enabled:glest"
"C:\\Program Files\\Steam\\steamapps\\garmzas_2\\half-life\\hl.exe"="C:\\Program Files\\Steam\\steamapps\\garmzas_2\\half-life\\hl.exe:*:Enabled:Half-Life"
"C:\\Robertos Amigos\\Rise Of Legends Demo\\legends.exe"="C:\\Robertos Amigos\\Rise Of Legends Demo\\legends.exe:*:Enabled:Rise of Legends"
"C:\\Program Files\\Digsby\\lib\\digsby-app.exe"="C:\\Program Files\\Digsby\\lib\\digsby-app.exe:*:Enabled:Digsby"
"C:\\Program Files\\Yaho's Miranda Pack\\miranda32.exe"="C:\\Program Files\\Yaho's Miranda Pack\\miranda32.exe:*:Enabled:Miranda IM"
"C:\\Robertos Amigos\\Outbreak Demo\\OutBreak.exe"="C:\\Robertos Amigos\\Outbreak Demo\\OutBreak.exe:*:Enabled:Codename: Outbrake"
"C:\\Kingdom Under Fire Public Demo\\KingdomUnderFire.exe"="C:\\Kingdom Under Fire Public Demo\\KingdomUnderFire.exe:*:Enabled:KUFMain"
"C:\\New World Order Demo\\NWO\\NWO.exe"="C:\\New World Order Demo\\NWO\\NWO.exe:*:Enabled:NWO"
"C:\\StarCraft II Demo\\StarCraft II.exe"="C:\\StarCraft II Demo\\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\\StarCraft II Beta\\StarCraft II.exe"="C:\\StarCraft II Beta\\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\\StarCraft II Beta\\Versions\\Base13891\\SC2.exe"="C:\\StarCraft II Beta\\Versions\\Base13891\\SC2.exe:*:Disabled:StarCraft II"
"C:\\Robertos Amigos\\StarCraft II Beta\\StarCraft II.exe"="C:\\Robertos Amigos\\StarCraft II Beta\\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\\Robertos Amigos\\StarCraft II Beta\\Versions\\Base13891\\SC2.exe"="C:\\Robertos Amigos\\StarCraft II Beta\\Versions\\Base13891\\SC2.exe:*:Enabled:StarCraft II"
"C:\\Program Files\\StarCraft II Beta\\StarCraft II.exe"="C:\\Program Files\\StarCraft II Beta\\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\\Program Files\\StarCraft II Beta\\Versions\\Base13891\\SC2.exe"="C:\\Program Files\\StarCraft II Beta\\Versions\\Base13891\\SC2.exe:*:Enabled:StarCraft II"
"C:\\Program Files\\StarCraft II\\StarCraft II.exe"="C:\\Program Files\\StarCraft II\\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\\Program Files\\StarCraft II\\Versions\\Base16939\\SC2.exe"="C:\\Program Files\\StarCraft II\\Versions\\Base16939\\SC2.exe:*:Enabled:StarCraft II"
"C:\\Program Files\\THQ\\Dawn of War DEMO\\W40k.exe"="C:\\Program Files\\THQ\\Dawn of War DEMO\\W40k.exe:*:Enabled:W40K"
"C:\\Program Files\\SunAge\\SunAge.exe"="C:\\Program Files\\SunAge\\SunAge.exe:*:Enabled:SunAge"
"C:\\Program Files\\Sega\\Universe At War Earth Assault (DEMO)\\UAWEA.exe"="C:\\Program Files\\Sega\\Universe At War Earth Assault (DEMO)\\UAWEA.exe:*:Enabled:Universe at War: Earth Assault Application"
"C:\\Program Files\\FreeCraft\\freecraft.exe"="C:\\Program Files\\FreeCraft\\freecraft.exe:*:Enabled:freecraft"
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"="C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"="C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\\Documents and Settings\\uu\\Data aplikac\\ultra_3gpconverter.exe"="C:\\Documents and Settings\\uu\\Data aplikac\\ultra_3gpconverter.exe:*:Enabled:ipsec"
"C:\\Program Files\\Age of Empires II\\age2_x1\\age2_x1.exe"="C:\\Program Files\\Age of Empires II\\age2_x1\\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\\Mamka - NEMAZAT\\operausb11en\\opera.exe"="C:\\Mamka - NEMAZAT\\operausb11en\\opera.exe:*:Enabled:Opera Internet Browser"
"C:\\Program Files\\Steam\\Steam.exe"="C:\\Program Files\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\Valve\\hl.exe"="C:\\Program Files\\Valve\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\FlatOut2\\FlatOut2.exe"="C:\\Program Files\\FlatOut2\\FlatOut2.exe:*:Enabled:FlatOut2"
"C:\\Program Files\\Steam\\steamapps\\garmzas_2\\opposing force\\hl.exe"="C:\\Program Files\\Steam\\steamapps\\garmzas_2\\opposing force\\hl.exe:*:Enabled:Half-Life: Opposing Force"
"C:\\Mamka - NEMAZAT\\OperaPortable11\\opera.exe"="C:\\Mamka - NEMAZAT\\OperaPortable11\\opera.exe:*:Enabled:Opera Internet Browser"
"C:\\Program Files\\totalcmd\\TOTALCMD.EXE"="C:\\Program Files\\totalcmd\\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\Documents and Settings\\uu\\Local Settings\\Temp\\CMamka - NEMAZATOperaPortable11\\opera.exe"="C:\\Documents and Settings\\uu\\Local Settings\\Temp\\CMamka - NEMAZATOperaPortable11\\opera.exe:*:Enabled:Opera Internet Browser"
"C:\\WINDOWS\\explorer.exe"="C:\\WINDOWS\\explorer.exe:*:Disabled:Przkumnk Windows"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Robertos Amigos\\Counter-Strike\\hl.exe"="C:\\Robertos Amigos\\Counter-Strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Robertos Amigos\\iccup_wc3_win32_en\\War3.exe"="C:\\Robertos Amigos\\iccup_wc3_win32_en\\War3.exe:*:Enabled:Warcraft III"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Robertos Amigos\\Eurobattle.net\\gproxy.exe"="C:\\Robertos Amigos\\Eurobattle.net\\gproxy.exe:*:Enabled:gproxy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
"28692:UDP"="28692:UDP:*:Enabled:UDP 28692"
"10336:UDP"="10336:UDP:*:Enabled:UDP 10336"
"29174:TCP"="29174:TCP:*:Enabled:TCP 29174"
"22020:TCP"="22020:TCP:*:Enabled:TCP 22020"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 119390
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Google won't load, malware, log

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Adun
Visitor
Posts: 8
Registered: 14 Nov 2014 19:43

Re: Google won't load, malware, log

#3 Post by Adun »

The log is here. EDIT: Google search still does not work.

# AdwCleaner v4.101 - Report created 15/11/2014 at 11:12:06
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : uu - NOTEBOOK
# Running from : C:\Documents and Settings\uu\Plocha\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : WebCake Desktop Updater

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Premium
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Tarma Installer
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\CoolYouTubeDownloader
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\21be6be9e51c957e
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\Betcat
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\supporter
Folder Deleted : C:\Program Files\Uniblue
Folder Deleted : C:\Program Files\Web Cake
Folder Deleted : C:\Program Files\WebCake
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\ASPNET\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\uu\Local Settings\Data aplikací\Conduit
Folder Deleted : C:\Documents and Settings\uu\Local Settings\Data aplikací\Mobogenie
Folder Deleted : C:\Documents and Settings\uu\Local Settings\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\uu\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\uu\Data aplikací\Betcat
Folder Deleted : C:\Documents and Settings\uu\Data aplikací\D394D188-BAC7-4e03-8FAF-389A4D7EC6F4
Folder Deleted : C:\Documents and Settings\uu\Data aplikací\newnext.me
Folder Deleted : C:\Documents and Settings\uu\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\uu\Data aplikací\Uniblue
Folder Deleted : C:\Documents and Settings\uu\Data aplikací\Web Cake
Folder Deleted : C:\Documents and Settings\uu\Data aplikací\WebCake
Folder Deleted : C:\Documents and Settings\uu\Data aplikací\CoolYouTubeDownloader
Folder Deleted : C:\Documents and Settings\uu\Dokumenty\Mobogenie
[!] Folder Deleted : C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\Extensions\{4e38134d-ba98-4066-b898-e296d8acc938}.xpi
[!] Folder Deleted : C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\Extensions\{D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}.xpi
[!] Folder Deleted : C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\Extensions\dealio@mybrowserbar.com
[!] Folder Deleted : C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\Extensions\wtxpcom@mybrowserbar.com
File Deleted : C:\Documents and Settings\uu\daemonprocess.txt
File Deleted : C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : SpeedUpMyPC Maintenance
Task Deleted : SpeedUpMyPC Startup
Task Deleted : couponsupport-S-649636217

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Extensions\CmdMapping [{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}]
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6C07882-D703-4DD5-905A-2C4E815A5066}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD79BAD6-9504-4F09-ACEC-7B319584A4C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F6C07882-D703-4DD5-905A-2C4E815A5066}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6C07882-D703-4DD5-905A-2C4E815A5066}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Dealio
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Informer Technologies, Inc.\OpenCandy
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{9DDD0B95-1F3E-453E-9F12-EACB0DD6B6CF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C878CD69-85DB-426B-81A3-E71175AAEB91}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mobogenie
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v


-\\ Google Chrome v38.0.2125.111

[C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=0ED37B29-FBF4-4E13-91EA-05804AD5C5E2&apn_sauid=B64FFC0A-CC64-4402-AC79-224741CEC3E1&
[C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=0ED37B29-FBF4-4E13-91EA-05804AD5C5E2&apn_sauid=B64FFC0A-CC64-4402-AC79-224741CEC3E1&
[C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=NDV&o=15765&locale=en_EU&apn_uid=FA1D6121-DF1D-457F-8C6D-25C0A9CDA8D7&apn_ptnrs=NY&apn_sauid=CD192B2A-042F-422D-A641-C5FC7876ED31&apn_dtid=YYYYYYUICZ&q={searchTerms}
[C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=NDV&o=15765&locale=en_EU&apn_uid=FA1D6121-DF1D-457F-8C6D-25C0A9CDA8D7&apn_ptnrs=NY&apn_sauid=CD192B2A-042F-422D-A641-C5FC7876ED31&apn_dtid=YYYYYYUICZ&q={searchTerms}

-\\ Comodo Dragon v

[C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=0ED37B29-FBF4-4E13-91EA-05804AD5C5E2&apn_sauid=B64FFC0A-CC64-4402-AC79-224741CEC3E1&
[C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=0ED37B29-FBF4-4E13-91EA-05804AD5C5E2&apn_sauid=B64FFC0A-CC64-4402-AC79-224741CEC3E1&
[C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=NDV&o=15765&locale=en_EU&apn_uid=FA1D6121-DF1D-457F-8C6D-25C0A9CDA8D7&apn_ptnrs=NY&apn_sauid=CD192B2A-042F-422D-A641-C5FC7876ED31&apn_dtid=YYYYYYUICZ&q={searchTerms}
[C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=NDV&o=15765&locale=en_EU&apn_uid=FA1D6121-DF1D-457F-8C6D-25C0A9CDA8D7&apn_ptnrs=NY&apn_sauid=CD192B2A-042F-422D-A641-C5FC7876ED31&apn_dtid=YYYYYYUICZ&q={searchTerms}

*************************

AdwCleaner[R0].txt - [9610 octets] - [15/11/2014 11:07:18]
AdwCleaner[S0].txt - [10980 octets] - [15/11/2014 11:12:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11041 octets] ##########
Last edited by Adun on 15 Nov 2014 12:24, edited 1 time in total.

Rudy
Site Admin
Posts: 119390
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Google won't load, malware, log

#4 Post by Rudy »

Post a new FRST log.

Adun
Visitor
Posts: 8
Registered: 14 Nov 2014 19:43

Re: Google won't load, malware, log

#5 Post by Adun »

New log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-11-2014 01
Ran by uu (administrator) on NOTEBOOK on 16-11-2014 12:36:30
Running from C:\Documents and Settings\uu\Plocha
Loaded Profile: uu (Available profiles: uu)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 6
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ALWIL Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Logitech Inc.) C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
() C:\Program Files\Savevid\SavevidService.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
() C:\Program Files\Savevid\SavevidWSServer.exe
(Bandoo Media Inc.) C:\Program Files\Savevid\SavevidPluginCore.exe
() C:\Program Files\Savevid\SavevidWSServer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Documents and Settings\uu\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [avast5] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2815192 2010-05-06] (ALWIL Software)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
Winlogon\Notify\cryptnet32: cryptnet32.dll [X]
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\Run: [Ivana] => C:\Documents and Settings\uu\Data aplikací\Ozroz\qywyy.exe [241771 2011-10-05] ()
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {47791368-e04d-11df-8da7-0014222e7ef9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {58ff4a75-d1e7-11e2-92ae-0014222e7ef9} - G:\PXRoute.exe
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {be616eda-e81d-11df-8db7-0014222e7ef9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {c4e06a26-e044-11df-8da5-0014222e7ef9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {c4e06a27-e044-11df-8da5-0014222e7ef9} - F:\setup_vmc_lite.exe /checkApplicationPresence
Lsa: [Authentication Packages] msv1_0 nwprovau
AlternateShell:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://search.localstrike.com.ar" <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {33D59858-89D9-4AC2-A956-93875EB02323} URL = http://search.localstrike.com.ar/?q={se ... {startPage}
SearchScopes: HKCU - {33D59858-89D9-4AC2-A956-93875EB02323} URL = http://search.localstrike.com.ar/?q={se ... {startPage}
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
DPF: {26CF0ECA-50B9-411D-BA37-86BD6AD53382} http://www.starstable.com/plugin/PXStudioRuntimeAX.cab
DPF: {32505657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mvadvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: https://search.yahoo.com/search?ei=utf- ... &ilc=12&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\searchplugins\yahoo_ff.xml
FF Extension: VLC Addon - C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\Extensions\toolbarbutton@vlc.info [2014-01-20]
FF Extension: No Name - C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9} [2013-10-30]
FF Extension: Babylon-English Toolbar - C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\Extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad} [2010-11-18]
FF Extension: Seznam lištička - C:\Documents and Settings\uu\Data aplikací\Mozilla\Firefox\Profiles\rnicui99.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-06-10]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-05-17]
FF Extension: No Name - C:\Program Files\Dealio Toolbar\FF [Not Found]
FF Extension: No Name - C:\Program Files\Common Files\Spigot\wtxpcom [Not Found]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (MindMup Desktop - Free Mind Mapping) - C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\eealagocaipaflcjmeapmobpmilffopi [2014-11-13]
CHR Extension: (Úpravy souborů Office) - C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2014-11-05]
CHR Extension: (Uložit na Disk Google) - C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-11-13]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-11-13]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (ActiveInbox for Gmail™) - C:\Documents and Settings\uu\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\oeehiifcaeengdofhogmkblhkmpephcj [2014-11-13]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-05-06] (ALWIL Software)
S3 avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-05-06] (ALWIL Software)
S3 avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-05-06] (ALWIL Software)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-07-17] (Sun Microsystems, Inc.)
R2 LVPrcSrv; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [99888 2006-06-26] (Logitech Inc.)
S2 LVSrvLauncher; C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe [91696 2006-06-26] (Logitech Inc.)
R2 NWCWorkstation; C:\WINDOWS\System32\nwwks.dll [65536 2008-04-14] (Microsoft Corporation)
S4 ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [174656 2006-11-02] () [File not signed]
R2 SavevidService; C:\Program Files\Savevid\SavevidService.exe [796160 2014-08-14] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Aavmker4; C:\WINDOWS\system32\Drivers\Aavmker4.sys [28880 2010-05-06] (ALWIL Software)
R2 aswFsBlk; C:\WINDOWS\system32\Drivers\aswFsBlk.sys [19024 2010-05-06] (ALWIL Software)
R2 aswMon2; C:\WINDOWS\system32\Drivers\aswMon2.sys [100432 2010-05-06] (ALWIL Software)
S3 aswRdr; C:\WINDOWS\system32\Drivers\aswRdr.sys [23376 2010-05-06] (ALWIL Software)
R1 aswSP; C:\WINDOWS\system32\Drivers\aswSP.sys [164048 2010-05-06] (ALWIL Software)
R1 aswTdi; C:\WINDOWS\system32\Drivers\aswTdi.sys [46672 2010-05-06] (ALWIL Software)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [16384 2004-07-09] (Microsoft Corporation)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
S3 hwusbfake; C:\WINDOWS\System32\DRIVERS\ewusbfake.sys [100480 2009-07-23] (Huawei Technologies Co., Ltd.)
S3 LVcKap; C:\WINDOWS\System32\DRIVERS\LVcKap.sys [1587632 2006-06-26] (Logitech Inc.)
S3 LVMVDrv; C:\WINDOWS\System32\DRIVERS\LVMVDrv.sys [1952816 2006-06-26] (Logitech Inc.)
R3 LVPr2Mon; C:\WINDOWS\System32\drivers\LVPr2Mon.sys [23472 2006-06-26] ()
S3 LVUSBSta; C:\WINDOWS\System32\drivers\lvusbsta.sys [38960 2006-06-22] (Logitech Inc.)
R3 mcdbus; C:\WINDOWS\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10112 2004-07-09] (Microsoft Corporation)
S3 nm; C:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-14] (Microsoft Corporation)
R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-14] (Microsoft Corporation)
R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2008-04-14] (Microsoft Corporation)
R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2008-04-14] (Microsoft Corporation)
R3 NWRDR; C:\WINDOWS\System32\DRIVERS\nwrdr.sys [163584 2008-04-14] (Microsoft Corporation)
S3 PID_0928; C:\WINDOWS\System32\DRIVERS\LV561AV.SYS [293808 2006-06-22] (Logitech Inc.)
R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology) [File not signed]
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
R3 VClone; C:\WINDOWS\System32\DRIVERS\VClone.sys [29696 2009-05-23] (Elaborate Bytes AG) [File not signed]
S3 aic32p; \??\C:\WINDOWS\system32\drivers\llepgk.sys [X]
S3 cpuz132; \??\C:\DOCUME~1\uu\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
U1 WS2IFSL; No ImagePath
S3 XDva349; \??\C:\WINDOWS\system32\XDva349.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 12:36 - 2014-11-16 12:37 - 00015479 _____ () C:\Documents and Settings\uu\Plocha\FRST.txt
2014-11-15 17:37 - 2014-11-15 17:37 - 00000738 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Poedit.lnk
2014-11-15 17:37 - 2014-11-15 17:37 - 00000000 ____D () C:\Program Files\Poedit
2014-11-15 17:35 - 2014-11-15 17:36 - 11813648 _____ (Vaclav Slavik ) C:\Poedit-1.6.10-setup.exe
2014-11-15 12:30 - 2014-11-15 12:30 - 00000000 ____D () C:\weba
2014-11-15 02:24 - 2014-11-15 02:24 - 02140160 _____ () C:\Documents and Settings\uu\Plocha\adwcleaner_4.101.exe
2014-11-14 21:15 - 2014-11-14 21:15 - 00064000 _____ () C:\gantt-chart-template_en.xls
2014-11-14 19:21 - 2014-11-16 12:36 - 00000000 ____D () C:\FRST
2014-11-14 19:20 - 2014-11-14 19:20 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\uu\Plocha\FRSTLauncher.exe
2014-11-14 19:18 - 2014-11-14 19:18 - 01108480 _____ (Farbar) C:\Documents and Settings\uu\Plocha\FRST.exe
2014-11-14 19:03 - 2014-11-14 19:03 - 00388608 _____ (Trend Micro Inc.) C:\HijackThis.exe
2014-11-14 18:47 - 2014-11-15 11:12 - 00000000 ____D () C:\AdwCleaner
2014-11-07 19:45 - 2014-11-07 19:45 - 00000000 ____D () C:\Learned optimism
2014-11-07 19:04 - 2014-11-07 19:04 - 00125666 _____ () C:\bc_prace_final.txt
2014-11-07 10:38 - 2014-11-07 10:38 - 00012372 _____ () C:\Pax_BTM_Vienna.xlsx
2014-11-04 14:10 - 2014-11-04 14:32 - 67593334 _____ () C:\Little Black Book of Connections.part2.rar
2014-11-03 07:53 - 2014-11-03 07:53 - 00000000 ___RD () C:\Program Files\Skype
2014-11-03 07:53 - 2014-11-03 07:53 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-11-03 07:53 - 2014-11-03 07:53 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
2014-11-03 07:52 - 2014-11-03 07:52 - 00000000 ____D () C:\Documents and Settings\uu\Nabídka Start\Programy\ICCup Launcher
2014-11-03 07:51 - 2014-11-03 07:51 - 00000000 ____D () C:\Program Files\Valve
2014-11-03 07:51 - 2014-11-03 07:51 - 00000000 ____D () C:\Program Files\KraiSoft
2014-11-03 07:51 - 2014-11-03 07:51 - 00000000 ____D () C:\Program Files\Guitar Pro 5
2014-11-03 07:51 - 2014-11-03 07:51 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Wise Registry Cleaner Free
2014-10-29 15:11 - 2014-11-03 07:49 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Star Stable
2014-10-20 20:00 - 2014-10-20 19:59 - 00090112 _____ () C:\WINDOWS\Minidump\Mini102014-01.dmp
2014-10-19 03:10 - 2014-11-07 22:44 - 00027765 _____ () C:\WINDOWS\setupapi.log
2014-10-19 03:10 - 2014-11-03 07:52 - 00000000 ____D () C:\Documents and Settings\uu\Data aplikací\Tunngle
2014-10-19 03:10 - 2014-10-19 03:10 - 00000000 ____D () C:\Documents and Settings\uu\Dokumenty\Tunngle
2014-10-19 02:36 - 2014-11-03 07:53 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\GarenaMessenger
2014-10-17 06:41 - 2014-11-14 18:30 - 00000000 ____D () C:\Program Files\Skype(2)

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 12:37 - 2010-04-26 15:18 - 00000000 ____D () C:\Documents and Settings\uu\Local Settings\Temp
2014-11-16 12:36 - 2010-04-26 15:18 - 00000000 ___HD () C:\Documents and Settings\uu\Local Settings\Data aplikací
2014-11-16 12:36 - 2010-04-26 15:18 - 00000000 ____D () C:\Documents and Settings\uu\Plocha
2014-11-16 12:22 - 2010-05-20 18:06 - 00000000 ____D () C:\Documents and Settings\uu\Data aplikací\Skype
2014-11-16 12:09 - 2012-06-12 17:30 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-16 07:37 - 2014-10-15 19:16 - 00057000 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-16 06:03 - 2010-05-20 18:05 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Skype
2014-11-16 06:01 - 2014-07-05 13:11 - 00000356 _____ () C:\WINDOWS\Tasks\{4CE76CC6-5163-7485-CE5B-964C407C6E45}.job
2014-11-16 06:01 - 2014-06-27 12:54 - 00000338 _____ () C:\WINDOWS\Tasks\{6D5917A0-65C2-0C3B-6734-0E49CA03F148}.job
2014-11-16 06:01 - 2012-06-12 17:30 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-16 06:01 - 2010-08-05 10:04 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2014-11-16 06:01 - 2010-08-05 10:04 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-11-16 06:01 - 2010-04-26 15:18 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-16 06:01 - 2008-04-14 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-11-15 22:45 - 2010-05-15 20:27 - 00000000 ____D () C:\Documents and Settings\uu\Data aplikací\foobar2000
2014-11-15 17:59 - 2011-12-16 23:10 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-11-15 17:37 - 2010-04-26 16:19 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-11-15 11:15 - 2010-04-26 15:18 - 00032594 _____ () C:\WINDOWS\SchedLgU.Txt
2014-11-15 11:14 - 2010-04-26 15:18 - 00000178 ___SH () C:\Documents and Settings\uu\ntuser.ini
2014-11-15 11:12 - 2014-01-20 20:09 - 00000000 ____D () C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data aplikací
2014-11-15 11:12 - 2014-01-20 20:09 - 00000000 ____D () C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací
2014-11-15 11:12 - 2014-01-20 20:09 - 00000000 ____D () C:\Documents and Settings\Guest\Local Settings\Data aplikací
2014-11-15 11:12 - 2014-01-20 20:09 - 00000000 ____D () C:\Documents and Settings\ASPNET\Local Settings\Data aplikací
2014-11-15 11:12 - 2014-01-20 20:09 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2014-11-15 11:12 - 2010-04-26 16:17 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-11-15 11:12 - 2010-04-26 15:18 - 00000000 __RHD () C:\Documents and Settings\uu\Data aplikací
2014-11-15 11:12 - 2010-04-26 15:18 - 00000000 ____D () C:\Documents and Settings\uu\Dokumenty
2014-11-15 11:12 - 2010-04-26 15:18 - 00000000 ____D () C:\Documents and Settings\uu
2014-11-15 07:24 - 2011-04-15 10:28 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-11-14 18:48 - 2011-01-22 18:23 - 00000000 ____D () C:\Documents and Settings\uu\Data aplikací\vlc
2014-11-14 18:42 - 2010-05-22 12:45 - 00000000 ____D () C:\MP3
2014-11-14 18:30 - 2014-01-20 20:12 - 00000000 ____D () C:\Program Files\VLC Player GPU+
2014-11-14 18:29 - 2010-04-26 16:19 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-11-14 18:29 - 2010-04-26 15:18 - 00000000 ___RD () C:\Documents and Settings\uu\Nabídka Start\Programy\Po spuštění
2014-11-14 18:29 - 2010-04-26 15:18 - 00000000 ___RD () C:\Documents and Settings\uu\Nabídka Start\Programy
2014-11-14 18:28 - 2010-12-29 15:45 - 00000000 ____D () C:\Program Files\TweakNow RegCleaner
2014-11-14 18:28 - 2010-12-29 15:45 - 00000000 ____D () C:\Documents and Settings\uu\Data aplikací\TweakNow RegCleaner
2014-11-14 18:28 - 2010-06-08 07:05 - 00000000 ____D () C:\Program Files\rajce
2014-11-14 18:27 - 2010-07-23 20:32 - 00000000 ____D () C:\Documents and Settings\uu\Nabídka Start\Programy\CoolboySoft
2014-11-14 18:17 - 2010-04-26 16:19 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2014-11-14 18:15 - 2013-06-30 16:12 - 00000000 ____D () C:\Documents and Settings\uu\Nabídka Start\Programy\KraiSoft Entertainment
2014-11-07 22:55 - 2010-05-14 16:34 - 00000000 ____D () C:\Robertos Amigos
2014-11-06 01:33 - 2010-05-14 16:45 - 00209920 _____ () C:\Documents and Settings\uu\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-04 20:55 - 2010-06-13 11:43 - 00000000 ____D () C:\Documents and Settings\uu\Local Settings\Data aplikací\Adobe
2014-11-03 09:28 - 2014-10-02 17:04 - 00033512 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2014-11-03 07:59 - 2010-04-26 16:20 - 01021292 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-03 07:57 - 2010-05-14 13:57 - 00033512 _____ () C:\Documents and Settings\uu\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2014-11-03 07:55 - 2010-04-26 16:17 - 00185016 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-03 07:54 - 2010-04-26 15:17 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-11-03 07:54 - 2010-04-26 15:16 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-11-03 07:54 - 2010-04-26 15:04 - 00000000 ____D () C:\WINDOWS\Registration
2014-11-03 07:49 - 2013-05-21 16:26 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\StarStableOnline
2014-10-29 15:11 - 2010-04-27 11:29 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-20 20:00 - 2010-10-21 05:36 - 00000000 ____D () C:\WINDOWS\Minidump
2014-10-19 13:01 - 2010-04-26 16:19 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokumenty

Files to move or delete:
====================
C:\Documents and Settings\KBCertifikat\lkpdetect.exe
C:\Documents and Settings\uu\jagex_runescape_preferences.dat
C:\Documents and Settings\uu\jagex_runescape_preferences2.dat
C:\Windows\Tasks\{4CE76CC6-5163-7485-CE5B-964C407C6E45}.job
C:\Windows\Tasks\{6D5917A0-65C2-0C3B-6734-0E49CA03F148}.job


Some content of TEMP:
====================
C:\Documents and Settings\uu\Local Settings\Temp\bi_cleaner.exe
C:\Documents and Settings\uu\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\uu\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:74.5 GB) (Free:6.77 GB) NTFS ==>[Drive with boot components (Windows XP)]

Available physical RAM: 780.27 MB
Total physical RAM: 1014.07 MB
Percentage of memory in use: 23%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 74.5 GB) (Disk ID: D371D371)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\{4CE76CC6-5163-7485-CE5B-964C407C6E45}.job => C:\Documents and Settings\uu\Data aplikací\yFjYZvJE\ISGctQPz\iEZWxSBf\vVWfyUmwj.exe
Task: C:\WINDOWS\Tasks\{6D5917A0-65C2-0C3B-6734-0E49CA03F148}.job => C:\Documents and Settings\uu\Data aplikací\apple computer\logs\ytomfrr.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\uu\Plocha" je 746 MB.


***** Startup Programs *****


HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
ProtexisLicensing REG_DWORD 0x2
wuauserv REG_DWORD 0x2
ose REG_DWORD 0x3
JavaQuickStarterService REG_DWORD 0x2
FLEXnet Licensing Service REG_DWORD 0x3
Bonjour Service REG_DWORD 0x2

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Opera\\opera.exe"="C:\\Program Files\\Opera\\opera.exe:*:Enabled:Opera Internet Browser"
"C:\\totalcmd\\TOTALCMD.EXE"="C:\\totalcmd\\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\\Robertos Amigos\\Games\\Counter-Strike Source\\hl2.exe"="C:\\Robertos Amigos\\Games\\Counter-Strike Source\\hl2.exe:*:Disabled:hl2"
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\\Robertos Amigos\\Games\\freecraft.exe"="C:\\Robertos Amigos\\Games\\freecraft.exe:*:Enabled:freecraft"
"C:\\Robertos Amigos\\Games\\FreeCraft\\freecraft.exe"="C:\\Robertos Amigos\\Games\\FreeCraft\\freecraft.exe:*:Enabled:freecraft"
"C:\\Robertos Amigos\\Games\\Counter-Strike 1.6 NS\\hl.exe"="C:\\Robertos Amigos\\Games\\Counter-Strike 1.6 NS\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Robertos Amigos\\Warcraft 3 CZ 1.24c + Battle.net + Addony\\Warcraft III\\Warcraft III.exe"="C:\\Robertos Amigos\\Warcraft 3 CZ 1.24c + Battle.net + Addony\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\\Robertos Amigos\\Games\\Warcraft III\\Warcraft III.exe"="C:\\Robertos Amigos\\Games\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Adobe\\Adobe Dreamweaver CS3\\Dreamweaver.exe"="C:\\Program Files\\Adobe\\Adobe Dreamweaver CS3\\Dreamweaver.exe:*:Enabled:Adobe Dreamweaver CS3"
"C:\\Robertos Amigos\\Games\\NeverwinterNights\\NWN\\nwmain.exe"="C:\\Robertos Amigos\\Games\\NeverwinterNights\\NWN\\nwmain.exe:*:Enabled:Neverwinter Nights"
"C:\\Program Files\\Miranda IM\\miranda32.exe"="C:\\Program Files\\Miranda IM\\miranda32.exe:*:Enabled:Miranda IM"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Opera USB 10.62\\opera.exe"="C:\\Program Files\\Opera USB 10.62\\opera.exe:*:Enabled:Opera Internet Browser"
"C:\\Robertos Amigos\\Games\\Glest_3.2.2\\glest.exe"="C:\\Robertos Amigos\\Games\\Glest_3.2.2\\glest.exe:*:Enabled:glest"
"C:\\Program Files\\Steam\\steamapps\\garmzas_2\\half-life\\hl.exe"="C:\\Program Files\\Steam\\steamapps\\garmzas_2\\half-life\\hl.exe:*:Enabled:Half-Life"
"C:\\Robertos Amigos\\Rise Of Legends Demo\\legends.exe"="C:\\Robertos Amigos\\Rise Of Legends Demo\\legends.exe:*:Enabled:Rise of Legends"
"C:\\Program Files\\Digsby\\lib\\digsby-app.exe"="C:\\Program Files\\Digsby\\lib\\digsby-app.exe:*:Enabled:Digsby"
"C:\\Program Files\\Yaho's Miranda Pack\\miranda32.exe"="C:\\Program Files\\Yaho's Miranda Pack\\miranda32.exe:*:Enabled:Miranda IM"
"C:\\Robertos Amigos\\Outbreak Demo\\OutBreak.exe"="C:\\Robertos Amigos\\Outbreak Demo\\OutBreak.exe:*:Enabled:Codename: Outbrake"
"C:\\Kingdom Under Fire Public Demo\\KingdomUnderFire.exe"="C:\\Kingdom Under Fire Public Demo\\KingdomUnderFire.exe:*:Enabled:KUFMain"
"C:\\New World Order Demo\\NWO\\NWO.exe"="C:\\New World Order Demo\\NWO\\NWO.exe:*:Enabled:NWO"
"C:\\StarCraft II Demo\\StarCraft II.exe"="C:\\StarCraft II Demo\\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\\StarCraft II Beta\\StarCraft II.exe"="C:\\StarCraft II Beta\\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\\StarCraft II Beta\\Versions\\Base13891\\SC2.exe"="C:\\StarCraft II Beta\\Versions\\Base13891\\SC2.exe:*:Disabled:StarCraft II"
"C:\\Robertos Amigos\\StarCraft II Beta\\StarCraft II.exe"="C:\\Robertos Amigos\\StarCraft II Beta\\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\\Robertos Amigos\\StarCraft II Beta\\Versions\\Base13891\\SC2.exe"="C:\\Robertos Amigos\\StarCraft II Beta\\Versions\\Base13891\\SC2.exe:*:Enabled:StarCraft II"
"C:\\Program Files\\StarCraft II Beta\\StarCraft II.exe"="C:\\Program Files\\StarCraft II Beta\\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\\Program Files\\StarCraft II Beta\\Versions\\Base13891\\SC2.exe"="C:\\Program Files\\StarCraft II Beta\\Versions\\Base13891\\SC2.exe:*:Enabled:StarCraft II"
"C:\\Program Files\\StarCraft II\\StarCraft II.exe"="C:\\Program Files\\StarCraft II\\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\\Program Files\\StarCraft II\\Versions\\Base16939\\SC2.exe"="C:\\Program Files\\StarCraft II\\Versions\\Base16939\\SC2.exe:*:Enabled:StarCraft II"
"C:\\Program Files\\THQ\\Dawn of War DEMO\\W40k.exe"="C:\\Program Files\\THQ\\Dawn of War DEMO\\W40k.exe:*:Enabled:W40K"
"C:\\Program Files\\SunAge\\SunAge.exe"="C:\\Program Files\\SunAge\\SunAge.exe:*:Enabled:SunAge"
"C:\\Program Files\\Sega\\Universe At War Earth Assault (DEMO)\\UAWEA.exe"="C:\\Program Files\\Sega\\Universe At War Earth Assault (DEMO)\\UAWEA.exe:*:Enabled:Universe at War: Earth Assault Application"
"C:\\Program Files\\FreeCraft\\freecraft.exe"="C:\\Program Files\\FreeCraft\\freecraft.exe:*:Enabled:freecraft"
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"="C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"="C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\\Documents and Settings\\uu\\Data aplikac\\ultra_3gpconverter.exe"="C:\\Documents and Settings\\uu\\Data aplikac\\ultra_3gpconverter.exe:*:Enabled:ipsec"
"C:\\Program Files\\Age of Empires II\\age2_x1\\age2_x1.exe"="C:\\Program Files\\Age of Empires II\\age2_x1\\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\\Mamka - NEMAZAT\\operausb11en\\opera.exe"="C:\\Mamka - NEMAZAT\\operausb11en\\opera.exe:*:Enabled:Opera Internet Browser"
"C:\\Program Files\\Steam\\Steam.exe"="C:\\Program Files\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\Valve\\hl.exe"="C:\\Program Files\\Valve\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\FlatOut2\\FlatOut2.exe"="C:\\Program Files\\FlatOut2\\FlatOut2.exe:*:Enabled:FlatOut2"
"C:\\Program Files\\Steam\\steamapps\\garmzas_2\\opposing force\\hl.exe"="C:\\Program Files\\Steam\\steamapps\\garmzas_2\\opposing force\\hl.exe:*:Enabled:Half-Life: Opposing Force"
"C:\\Mamka - NEMAZAT\\OperaPortable11\\opera.exe"="C:\\Mamka - NEMAZAT\\OperaPortable11\\opera.exe:*:Enabled:Opera Internet Browser"
"C:\\Program Files\\totalcmd\\TOTALCMD.EXE"="C:\\Program Files\\totalcmd\\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\Documents and Settings\\uu\\Local Settings\\Temp\\CMamka - NEMAZATOperaPortable11\\opera.exe"="C:\\Documents and Settings\\uu\\Local Settings\\Temp\\CMamka - NEMAZATOperaPortable11\\opera.exe:*:Enabled:Opera Internet Browser"
"C:\\WINDOWS\\explorer.exe"="C:\\WINDOWS\\explorer.exe:*:Disabled:Przkumnk Windows"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Robertos Amigos\\Counter-Strike\\hl.exe"="C:\\Robertos Amigos\\Counter-Strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Robertos Amigos\\iccup_wc3_win32_en\\War3.exe"="C:\\Robertos Amigos\\iccup_wc3_win32_en\\War3.exe:*:Enabled:Warcraft III"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Robertos Amigos\\Eurobattle.net\\gproxy.exe"="C:\\Robertos Amigos\\Eurobattle.net\\gproxy.exe:*:Enabled:gproxy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
"28692:UDP"="28692:UDP:*:Enabled:UDP 28692"
"10336:UDP"="10336:UDP:*:Enabled:UDP 10336"
"29174:TCP"="29174:TCP:*:Enabled:TCP 29174"
"22020:TCP"="22020:TCP:*:Enabled:TCP 22020"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 119390
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Google won't load, malware, log

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\Run: [Ivana] => C:\Documents and Settings\uu\Data aplikací\Ozroz\qywyy.exe [241771 2011-10-05] ()
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {47791368-e04d-11df-8da7-0014222e7ef9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {58ff4a75-d1e7-11e2-92ae-0014222e7ef9} - G:\PXRoute.exe
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {be616eda-e81d-11df-8db7-0014222e7ef9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {c4e06a26-e044-11df-8da5-0014222e7ef9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {c4e06a27-e044-11df-8da5-0014222e7ef9} - F:\setup_vmc_lite.exe /checkApplicationPresence
C:\Documents and Settings\uu\Data aplikací\Ozroz\qywyy.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://search.localstrike.com.ar" <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {33D59858-89D9-4AC2-A956-93875EB02323} URL = http://search.localstrike.com.ar/?q={se ... {startPage}
SearchScopes: HKCU - {33D59858-89D9-4AC2-A956-93875EB02323} URL = http://search.localstrike.com.ar/?q={se ... {startPage}
DPF: {26CF0ECA-50B9-411D-BA37-86BD6AD53382} http://www.starstable.com/plugin/PXStudioRuntimeAX.cab
S3 XDva349; \??\C:\WINDOWS\system32\XDva349.sys [X]
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\{4CE76CC6-5163-7485-CE5B-964C407C6E45}.job
C:\WINDOWS\Tasks\{6D5917A0-65C2-0C3B-6734-0E49CA03F148}.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Documents and Settings\KBCertifikat\lkpdetect.exe
C:\Documents and Settings\uu\jagex_runescape_preferences.dat
C:\Documents and Settings\uu\jagex_runescape_preferences2.dat
C:\Documents and Settings\uu\Local Settings\Temp
Task: C:\WINDOWS\Tasks\{4CE76CC6-5163-7485-CE5B-964C407C6E45}.job => C:\Documents and Settings\uu\Data aplikací\yFjYZvJE\ISGctQPz\iEZWxSBf\vVWfyUmwj.exe
Task: C:\WINDOWS\Tasks\{6D5917A0-65C2-0C3B-6734-0E49CA03F148}.job => C:\Documents and Settings\uu\Data aplikací\apple computer\logs\ytomfrr.exe
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Adun
Visitor
Posts: 8
Registered: 14 Nov 2014 19:43

Re: Google won't load, malware, log

#7 Post by Adun »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 16-11-2014 01
Ran by uu at 2014-11-16 18:59:06 Run:1
Running from C:\Documents and Settings\uu\Plocha
Loaded Profile: uu (Available profiles: uu)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\Run: [Ivana] => C:\Documents and Settings\uu\Data aplikací\Ozroz\qywyy.exe [241771 2011-10-05] ()
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {47791368-e04d-11df-8da7-0014222e7ef9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {58ff4a75-d1e7-11e2-92ae-0014222e7ef9} - G:\PXRoute.exe
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {be616eda-e81d-11df-8db7-0014222e7ef9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {c4e06a26-e044-11df-8da5-0014222e7ef9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-854245398-764733703-1417001333-1003\...\MountPoints2: {c4e06a27-e044-11df-8da5-0014222e7ef9} - F:\setup_vmc_lite.exe /checkApplicationPresence
C:\Documents and Settings\uu\Data aplikací\Ozroz\qywyy.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://search.localstrike.com.ar" <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {33D59858-89D9-4AC2-A956-93875EB02323} URL = http://search.localstrike.com.ar/?q={se ... {startPage}
SearchScopes: HKCU - {33D59858-89D9-4AC2-A956-93875EB02323} URL = http://search.localstrike.com.ar/?q={se ... {startPage}
DPF: {26CF0ECA-50B9-411D-BA37-86BD6AD53382} http://www.starstable.com/plugin/PXStudioRuntimeAX.cab
S3 XDva349; \??\C:\WINDOWS\system32\XDva349.sys [X]
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\{4CE76CC6-5163-7485-CE5B-964C407C6E45}.job
C:\WINDOWS\Tasks\{6D5917A0-65C2-0C3B-6734-0E49CA03F148}.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Documents and Settings\KBCertifikat\lkpdetect.exe
C:\Documents and Settings\uu\jagex_runescape_preferences.dat
C:\Documents and Settings\uu\jagex_runescape_preferences2.dat
C:\Documents and Settings\uu\Local Settings\Temp
Task: C:\WINDOWS\Tasks\{4CE76CC6-5163-7485-CE5B-964C407C6E45}.job => C:\Documents and Settings\uu\Data aplikací\yFjYZvJE\ISGctQPz\iEZWxSBf\vVWfyUmwj.exe
Task: C:\WINDOWS\Tasks\{6D5917A0-65C2-0C3B-6734-0E49CA03F148}.job => C:\Documents and Settings\uu\Data aplikací\apple computer\logs\ytomfrr.exe
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C
End
*****************

HKU\S-1-5-21-854245398-764733703-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Ivana => value deleted successfully.
"HKU\S-1-5-21-854245398-764733703-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{47791368-e04d-11df-8da7-0014222e7ef9}" => Key deleted successfully.
"HKCR\CLSID\{47791368-e04d-11df-8da7-0014222e7ef9}" => Key not found.
"HKU\S-1-5-21-854245398-764733703-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{58ff4a75-d1e7-11e2-92ae-0014222e7ef9}" => Key deleted successfully.
"HKCR\CLSID\{58ff4a75-d1e7-11e2-92ae-0014222e7ef9}" => Key not found.
"HKU\S-1-5-21-854245398-764733703-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{be616eda-e81d-11df-8db7-0014222e7ef9}" => Key deleted successfully.
"HKCR\CLSID\{be616eda-e81d-11df-8db7-0014222e7ef9}" => Key not found.
"HKU\S-1-5-21-854245398-764733703-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4e06a26-e044-11df-8da5-0014222e7ef9}" => Key deleted successfully.
"HKCR\CLSID\{c4e06a26-e044-11df-8da5-0014222e7ef9}" => Key not found.
"HKU\S-1-5-21-854245398-764733703-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4e06a27-e044-11df-8da5-0014222e7ef9}" => Key deleted successfully.
"HKCR\CLSID\{c4e06a27-e044-11df-8da5-0014222e7ef9}" => Key not found.
C:\Documents and Settings\uu\Data aplikací\Ozroz\qywyy.exe => Moved successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33D59858-89D9-4AC2-A956-93875EB02323}" => Key deleted successfully.
"HKCR\CLSID\{33D59858-89D9-4AC2-A956-93875EB02323}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{26CF0ECA-50B9-411D-BA37-86BD6AD53382}" => Key deleted successfully.
"HKCR\CLSID\{26CF0ECA-50B9-411D-BA37-86BD6AD53382}" => Key not found.
XDva349 => Service deleted successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\{4CE76CC6-5163-7485-CE5B-964C407C6E45}.job => Moved successfully.
C:\WINDOWS\Tasks\{6D5917A0-65C2-0C3B-6734-0E49CA03F148}.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Documents and Settings\KBCertifikat\lkpdetect.exe => Moved successfully.
C:\Documents and Settings\uu\jagex_runescape_preferences.dat => Moved successfully.
C:\Documents and Settings\uu\jagex_runescape_preferences2.dat => Moved successfully.
C:\Documents and Settings\uu\Local Settings\Temp => Moved successfully.
C:\WINDOWS\Tasks\{4CE76CC6-5163-7485-CE5B-964C407C6E45}.job not found.
C:\WINDOWS\Tasks\{6D5917A0-65C2-0C3B-6734-0E49CA03F148}.job not found.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":661DFA1C" ADS removed successfully.

==== End of Fixlog ====

Rudy
Site Admin
Posts: 119390
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Google won't load, malware, log

#8 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Adun
Visitor
Posts: 8
Registered: 14 Nov 2014 19:43

Re: Google won't load, malware, log

#9 Post by Adun »

It looks like Google works. Thank you very much :)

Rudy
Site Admin
Posts: 119390
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Google won't load, malware, log

#10 Post by Rudy »

You're welcome! :)

Locked