VIRY.CZ

muzu ten eset smazat a novy antivir stahnout az po dokonceni cisteni?jsem stale v nouzaku a nejde mi eset oddinstalovat

Kdyz jste v nouzaku, tak pouzijte tohle http://download.eset.com/special/ESETUninstaller.exe navod zde http://www.viry.cz/forum/viewtopic.php?p=889437#p889437

Avast pak nahodte z normalniho rezimu

Results of screen317's Security Check version 0.99.78
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Please wait while WMIC compiles updated MOF files.d
i
s
p
l
a
y
N
a
m
e
Re§im ECHO je vypnut.
E
S
E
T
Re§im ECHO je vypnut.
S
m
a
r
t
Re§im ECHO je vypnut.
S
e
c
u
r
i
t
y
Re§im ECHO je vypnut.
3
.
0
Re§im ECHO je vypnut.
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Spyware Terminator 2012
Windows Defender
TuneUp Utilities 2011
TuneUp Utilities Language Pack (en-US)
TuneUp Utilities 2011
CCleaner
Java(TM) 6 Update 11
Java 7 Update 11
Java version out of Date!
Adobe Flash Player 11.9.900.170
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (26.0)
Google Chrome 31.0.1650.57
Google Chrome 31.0.1650.63
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Windows Defender MsMpEng.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````

Tohle odinstalujte Spyware Terminator 2012

Dejte tam ten Avast pokud nemate

Dejte novy log z FRSTLauncheru

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-01-2014 01
Ran by Aleš (administrator) on DOMA-9914C156DA on 15-01-2014 18:49:48
Running from C:\Documents and Settings\Aleš\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Lee-Soft.com) C:\Program Files\Extras\ViOrb\ViOrb.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\WINDOWS\tsnpstd3.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Microsoft) C:\WINDOWS\arservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\WINDOWS\ehome\ehRecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
() C:\Documents and Settings\Aleš\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [868352 2007-03-16] (Analog Devices, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [ViOrb] - C:\Program Files\extras\ViOrb\ViOrb.exe [69632 2008-12-07] (Lee-Soft.com)
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [13574144 2008-09-17] (NVIDIA Corporation)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [tsnpstd3] - C:\WINDOWS\tsnpstd3.exe [94208 2005-12-20] ()
HKLM\...\Run: [Printsrv] - c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs [543 2013-05-01] ()
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-15] (AVAST Software)
HKCU\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKCU\...\Run: [Facebook Update] - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [138096 2013-06-01] (Facebook Inc.)
HKU\Default User\...\RunOnce: [_nltide_2] - regsvr32 /s /n /i:U shell32
Startup: C:\Documents and Settings\Aleš\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.gametop.com/?utm_source=Os ... dium=start
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {31CF9EBE-5755-4a1d-AC25-2834D952D9B4} URL = http://search.pdfcreator-toolbar.org/se ... arch-field
BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll (IE7Pro.com)
BHO: Better Surf Plus - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - No File
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Better-Surf - {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files\Better-Surf\ie\BetterSrf.dll ()
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Webexp Enhanced - {aa82027b-b796-4efa-a7b9-d098fff3946a} - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha421\ie\WebexpEnhancedV1alpha421.dll ()
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Video Player - {dd63d99e-b54d-43cf-a259-1336bf38603b} - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta273\ie\VideoPlayerV3beta273.dll ()
Toolbar: HKLM - PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 188.92.8.18 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Aleš\Data aplikací\Mozilla\Firefox\Profiles\euyg58ab.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2852 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.46 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Documents and Settings\Aleš\Data aplikací\Mozilla\Firefox\Profiles\euyg58ab.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-10-06]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files\BetterSurf\ff
FF HKLM\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files\Better-Surf\ff
FF Extension: Better-Surf - C:\Program Files\Better-Surf\ff [2013-11-25]
FF HKLM\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files\BetterSurf\BetterSurfPlus\ff
FF HKLM\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha421.net] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha421\ff
FF Extension: Webexp Enhanced - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha421\ff [2013-12-21]
FF HKLM\...\Firefox\Extensions: [ext@VideoPlayerV3beta273.net] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta273\ff
FF Extension: Video Player - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta273\ff [2014-01-12]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-15]

Chrome:
=======
CHR HomePage: hxxp://seznam.cz/
CHR RestoreOnStartup: "hxxp://seznam.cz/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Documents and Settings\Ale\u0161\Local Settings\Data aplikac\u00ED\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-05-28]
CHR Extension: (Google Drive) - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 [2013-05-28]
CHR Extension: (YouTube) - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-05-28]
CHR Extension: (Google Search) - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-05-28]
CHR Extension: (Webexp Enhanced) - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jlpbbghhdggbghpedjbmfjnadbpoifmj\1.1_0 [2014-01-13]
CHR Extension: (Video Player) - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lmohihabfmehcojonkdncolggnndpgam\1.1_0 [2014-01-13]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 [2014-01-13]
CHR Extension: (Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba) - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_1 [2013-10-06]
CHR Extension: (Gmail) - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 [2013-04-08]
CHR Extension: (BetterSrf) - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0 [2013-12-10]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-01-15]
CHR HKLM\...\Chrome\Extension: [jlnfdbbladgcmhhamgkioifhbobjaoof] - C:\Program Files\LemurLeap\jlnfdbbladgcmhhamgkioifhbobjaoof.crx [2014-01-15]
CHR HKLM\...\Chrome\Extension: [jlpbbghhdggbghpedjbmfjnadbpoifmj] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha421\ch\WebexpEnhancedV1alpha421.crx [2013-12-19]
CHR HKLM\...\Chrome\Extension: [lmohihabfmehcojonkdncolggnndpgam] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta273\ch\VideoPlayerV3beta273.crx [2014-01-08]
CHR HKLM\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2014-01-08]
CHR HKLM\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files\Better-Surf\ch\Chrome.crx [2013-11-25]

========================== Services (Whitelisted) =================

R2 ARSVC; C:\WINDOWS\arservice.exe [58880 2008-12-27] (Microsoft)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-15] (AVAST Software)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [170912 2013-01-12] (Oracle Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [36864 2006-06-19] (Advanced Micro Devices)
R3 AR9271; C:\Windows\System32\DRIVERS\athuw.sys [1763584 2011-07-28] (Atheros Communications, Inc.)
R3 aracpi; C:\Windows\System32\DRIVERS\aracpi.sys [22784 2008-12-27] (Microsoft Corporation)
S3 arhidfltr; C:\Windows\System32\DRIVERS\arhidfltr.sys [19200 2008-12-27] (Microsoft Corporation)
R3 arkbcfltr; C:\Windows\System32\DRIVERS\arkbcfltr.sys [5376 2008-12-27] (Microsoft Corporation)
R3 armoucfltr; C:\Windows\System32\DRIVERS\armoucfltr.sys [4992 2008-12-27] (Microsoft Corporation)
R3 ARPolicy; C:\Windows\System32\DRIVERS\arpolicy.sys [10112 2008-12-27] (Microsoft Corporation)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-01-15] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-01-15] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-01-15] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-01-15] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410528 2014-01-15] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-01-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-15] ()
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-02-08] (DT Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2006-02-26] ()
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R0 nvatabus; C:\Windows\System32\Drivers\nvatabus.sys [100736 2008-12-29] (NVIDIA Corporation)
S3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [57856 2006-07-11] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [20480 2006-07-11] (NVIDIA Corporation)
R1 nvport; C:\WINDOWS\system32\Drivers\nvport.sys [4608 2006-05-05] (NVIDIA Corporation.)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [9856 2006-03-29] (Padus, Inc.)
R3 SenFiltService; C:\Windows\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [8718848 2005-12-08] ()
S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [x]
S4 IntelIde; No ImagePath
S3 wnsricba; No ImagePath
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-15 18:49 - 2014-01-15 18:49 - 00020641 _____ C:\Documents and Settings\Aleš\Plocha\FRST.txt
2014-01-15 18:49 - 2014-01-15 18:49 - 00000000 ____D C:\Documents and Settings\Aleš\Plocha\FRST-OlderVersion
2014-01-15 18:45 - 2014-01-15 18:45 - 00000000 ____D C:\Documents and Settings\Aleš\Data aplikací\AVAST Software
2014-01-15 18:38 - 2014-01-15 18:50 - 00000360 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-01-15 18:38 - 2014-01-15 18:38 - 00001733 _____ C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2014-01-15 18:38 - 2014-01-15 18:38 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
2014-01-15 18:37 - 2014-01-15 18:37 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-15 18:37 - 2014-01-15 18:37 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-15 18:37 - 2014-01-15 18:37 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-15 18:37 - 2014-01-15 18:37 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-01-15 18:37 - 2014-01-15 18:37 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-15 18:37 - 2014-01-15 18:37 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-01-15 18:37 - 2014-01-15 18:37 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-01-15 18:37 - 2014-01-15 18:37 - 00049944 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-01-15 18:37 - 2014-01-15 18:37 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-15 18:29 - 2014-01-15 18:29 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-15 18:29 - 2014-01-15 18:29 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2014-01-15 18:05 - 2014-01-15 18:05 - 00987410 _____ C:\Documents and Settings\Aleš\Plocha\SecurityCheck.exe
2014-01-15 17:57 - 2014-01-15 17:57 - 00000552 _____ C:\WINDOWS\system32\d3d8caps.dat
2014-01-15 17:17 - 2014-01-15 18:49 - 00000000 ____D C:\FRST
2014-01-15 17:14 - 2014-01-15 18:49 - 01220096 _____ (Farbar) C:\Documents and Settings\Aleš\Plocha\FRST.exe
2014-01-15 16:38 - 2014-01-15 18:22 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2014-01-15 16:37 - 2014-01-15 16:37 - 00000000 ____D C:\WINDOWS\CSC
2014-01-15 16:27 - 2014-01-15 16:27 - 00000000 ____D C:\Documents and Settings\Aleš\Dokumenty\Stažené soubory
2014-01-14 22:27 - 2014-01-15 18:24 - 00034087 _____ C:\WINDOWS\setupapi.log
2014-01-14 22:26 - 2014-01-14 22:26 - 00000681 _____ C:\WINDOWS\KB973768.log
2014-01-14 01:20 - 2014-01-15 16:48 - 00112918 _____ C:\Documents and Settings\Aleš\Plocha\OTL.Txt
2014-01-14 01:20 - 2014-01-14 01:20 - 00043376 _____ C:\Documents and Settings\Aleš\Plocha\Extras.Txt
2014-01-14 01:05 - 2014-01-15 16:41 - 00000512 _____ C:\PhysicalMBR.bin
2014-01-14 00:59 - 2014-01-14 01:00 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Aleš\Plocha\OTL.exe
2014-01-14 00:56 - 2014-01-14 00:56 - 00000000 ___RD C:\Documents and Settings\Aleš\Nabídka Start\Programy\Nástroje pro správu
2014-01-13 18:08 - 2014-01-13 18:08 - 00000736 _____ C:\Documents and Settings\All Users\Plocha\PokerStars.lnk
2014-01-13 18:08 - 2014-01-13 18:08 - 00000736 _____ C:\Documents and Settings\All Users\Nabídka Start\PokerStars.lnk
2014-01-13 18:08 - 2014-01-13 18:08 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\PokerStars
2014-01-13 18:07 - 2014-01-14 00:06 - 00000000 ____D C:\Program Files\PokerStars
2014-01-13 15:12 - 2014-01-13 20:01 - 00000000 ____D C:\AdwCleaner
2014-01-13 15:05 - 2014-01-13 15:05 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-13 15:04 - 2014-01-13 15:04 - 00001870 _____ C:\sc-cleaner.txt
2014-01-13 15:03 - 2014-01-13 15:03 - 01236282 _____ C:\Documents and Settings\Aleš\Plocha\adwcleaner.exe
2014-01-13 15:03 - 2014-01-13 15:03 - 01037068 _____ (Thisisu) C:\Documents and Settings\Aleš\Plocha\JRT.exe
2014-01-13 15:03 - 2014-01-13 15:03 - 00406264 _____ (Bleeping Computer, LLC) C:\Documents and Settings\Aleš\Plocha\sc-cleaner.exe
2014-01-13 14:52 - 2014-01-13 14:52 - 00000000 ____D C:\rsit
2014-01-13 14:52 - 2014-01-13 14:52 - 00000000 ____D C:\Program Files\trend micro
2014-01-13 14:51 - 2014-01-13 14:51 - 00781909 _____ C:\Documents and Settings\Aleš\Plocha\RSIT.exe
2014-01-12 12:43 - 2014-01-12 12:43 - 00000000 ____D C:\Program Files\VideoPlayerV3
2013-12-25 11:46 - 2013-12-25 11:46 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\House of Tales
2013-12-25 11:44 - 2013-12-25 11:44 - 00000000 ____D C:\Program Files\House of Tales
2013-12-25 01:20 - 2013-12-25 01:20 - 00000821 _____ C:\Documents and Settings\Aleš\Plocha\Drači oko.lnk
2013-12-25 01:20 - 2013-12-25 01:20 - 00000000 ____D C:\WINDOWS\Cache
2013-12-25 01:20 - 2013-12-25 01:20 - 00000000 ____D C:\Program Files\Common Files\DirectX
2013-12-25 01:20 - 2013-12-25 01:20 - 00000000 ____D C:\Documents and Settings\Aleš\Nabídka Start\Programy\Hypermax
2013-12-25 01:16 - 2013-12-25 01:16 - 00000000 ____D C:\Program Files\Hypermax
2013-12-23 23:48 - 2013-12-23 23:48 - 00000000 ____D C:\ee6954325076deda2f3e1b5f7bca8e
2013-12-22 18:05 - 2013-12-22 18:05 - 00002020 _____ C:\Documents and Settings\All Users\Plocha\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk
2013-12-22 18:05 - 2013-12-22 18:05 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\THQ
2013-12-22 17:55 - 2013-12-22 17:55 - 00000000 ____D C:\Program Files\THQ
2013-12-22 15:11 - 2013-12-22 15:11 - 00000000 ____D C:\Program Files\1C Company
2013-12-21 12:52 - 2013-12-21 12:52 - 00000000 ____D C:\Program Files\WebexpEnhancedV1
2013-12-20 16:37 - 2013-12-20 16:37 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-17 22:19 - 2013-12-17 22:19 - 00001804 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader 9.lnk
2013-12-17 22:19 - 2013-12-17 22:19 - 00001729 _____ C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
2013-12-17 22:19 - 2013-12-17 22:19 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-17 22:19 - 2013-12-17 22:19 - 00000000 ____D C:\Program Files\Adobe
2013-12-17 19:49 - 2013-12-17 19:49 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Caphyon
2013-12-17 19:46 - 2013-12-17 22:44 - 00000000 ____D C:\Program Files\QuadCoreM2
2013-12-17 19:41 - 2013-12-17 19:41 - 00000000 ____D C:\Documents and Settings\Aleš\Data aplikací\Quadcore Games

==================== One Month Modified Files and Folders =======

2014-01-15 18:50 - 2014-01-15 18:38 - 00000360 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-01-15 18:49 - 2014-01-15 18:49 - 00020641 _____ C:\Documents and Settings\Aleš\Plocha\FRST.txt
2014-01-15 18:49 - 2014-01-15 18:49 - 00000000 ____D C:\Documents and Settings\Aleš\Plocha\FRST-OlderVersion
2014-01-15 18:49 - 2014-01-15 17:17 - 00000000 ____D C:\FRST
2014-01-15 18:49 - 2014-01-15 17:14 - 01220096 _____ (Farbar) C:\Documents and Settings\Aleš\Plocha\FRST.exe
2014-01-15 18:49 - 2012-12-14 01:50 - 00000000 ___HD C:\Documents and Settings\Aleš\Local Settings\Data aplikací
2014-01-15 18:49 - 2012-12-14 01:50 - 00000000 ____D C:\Documents and Settings\Aleš\Plocha
2014-01-15 18:45 - 2014-01-15 18:45 - 00000000 ____D C:\Documents and Settings\Aleš\Data aplikací\AVAST Software
2014-01-15 18:45 - 2012-12-14 01:50 - 00000000 __RHD C:\Documents and Settings\Aleš\Data aplikací
2014-01-15 18:38 - 2014-01-15 18:38 - 00001733 _____ C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2014-01-15 18:38 - 2014-01-15 18:38 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
2014-01-15 18:38 - 2012-12-14 02:08 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-01-15 18:38 - 2012-12-14 02:08 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2014-01-15 18:37 - 2014-01-15 18:37 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-15 18:37 - 2014-01-15 18:37 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-15 18:37 - 2014-01-15 18:37 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-15 18:37 - 2014-01-15 18:37 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-01-15 18:37 - 2014-01-15 18:37 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-15 18:37 - 2014-01-15 18:37 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-01-15 18:37 - 2014-01-15 18:37 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-01-15 18:37 - 2014-01-15 18:37 - 00049944 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-01-15 18:37 - 2014-01-15 18:37 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-15 18:29 - 2014-01-15 18:29 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-15 18:29 - 2014-01-15 18:29 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2014-01-15 18:29 - 2012-12-14 02:08 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2014-01-15 18:27 - 2012-12-13 22:44 - 00000330 ____H C:\WINDOWS\Tasks\MP Scheduled Scan.job
2014-01-15 18:24 - 2014-01-14 22:27 - 00034087 _____ C:\WINDOWS\setupapi.log
2014-01-15 18:24 - 2012-12-14 01:33 - 01735705 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-15 18:23 - 2013-04-08 19:48 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-15 18:23 - 2012-12-14 02:13 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-15 18:23 - 2012-12-14 02:13 - 00000049 _____ C:\WINDOWS\wiaservc.log
2014-01-15 18:23 - 2012-12-14 02:12 - 00200712 _____ C:\WINDOWS\system32\nvapps.xml
2014-01-15 18:23 - 2012-12-14 01:50 - 00000178 ___SH C:\Documents and Settings\Aleš\ntuser.ini
2014-01-15 18:23 - 2012-12-14 01:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-15 18:23 - 2012-12-14 01:31 - 00000000 ____D C:\WINDOWS\Registration
2014-01-15 18:22 - 2014-01-15 16:38 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2014-01-15 18:05 - 2014-01-15 18:05 - 00987410 _____ C:\Documents and Settings\Aleš\Plocha\SecurityCheck.exe
2014-01-15 17:57 - 2014-01-15 17:57 - 00000552 _____ C:\WINDOWS\system32\d3d8caps.dat
2014-01-15 16:48 - 2014-01-14 01:20 - 00112918 _____ C:\Documents and Settings\Aleš\Plocha\OTL.Txt
2014-01-15 16:41 - 2014-01-14 01:05 - 00000512 _____ C:\PhysicalMBR.bin
2014-01-15 16:37 - 2014-01-15 16:37 - 00000000 ____D C:\WINDOWS\CSC
2014-01-15 16:35 - 2012-12-14 10:32 - 00131072 _____ C:\WINDOWS\system32\config\TuneUp.evt
2014-01-15 16:35 - 2012-12-14 01:48 - 00032454 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-15 16:27 - 2014-01-15 16:27 - 00000000 ____D C:\Documents and Settings\Aleš\Dokumenty\Stažené soubory
2014-01-15 16:27 - 2012-12-14 01:50 - 00000000 ___RD C:\Documents and Settings\Aleš\Dokumenty
2014-01-15 16:05 - 2013-06-01 13:00 - 00000988 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-515967899-746137067-1417001333-1004UA.job
2014-01-15 16:01 - 2013-04-08 19:48 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-15 15:54 - 2001-10-25 17:30 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-14 22:26 - 2014-01-14 22:26 - 00000681 _____ C:\WINDOWS\KB973768.log
2014-01-14 01:20 - 2014-01-14 01:20 - 00043376 _____ C:\Documents and Settings\Aleš\Plocha\Extras.Txt
2014-01-14 01:00 - 2014-01-14 00:59 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Aleš\Plocha\OTL.exe
2014-01-14 00:56 - 2014-01-14 00:56 - 00000000 ___RD C:\Documents and Settings\Aleš\Nabídka Start\Programy\Nástroje pro správu
2014-01-14 00:56 - 2012-12-14 01:50 - 00000000 ___RD C:\Documents and Settings\Aleš\Nabídka Start\Programy
2014-01-14 00:54 - 2013-02-08 19:48 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-14 00:06 - 2014-01-13 18:07 - 00000000 ____D C:\Program Files\PokerStars
2014-01-13 20:01 - 2014-01-13 15:12 - 00000000 ____D C:\AdwCleaner
2014-01-13 18:08 - 2014-01-13 18:08 - 00000736 _____ C:\Documents and Settings\All Users\Plocha\PokerStars.lnk
2014-01-13 18:08 - 2014-01-13 18:08 - 00000736 _____ C:\Documents and Settings\All Users\Nabídka Start\PokerStars.lnk
2014-01-13 18:08 - 2014-01-13 18:08 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\PokerStars
2014-01-13 18:08 - 2012-12-14 02:08 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start
2014-01-13 15:06 - 2013-10-06 16:30 - 00000000 ____D C:\Program Files\LemurLeap
2014-01-13 15:05 - 2014-01-13 15:05 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-13 15:04 - 2014-01-13 15:04 - 00001870 _____ C:\sc-cleaner.txt
2014-01-13 15:03 - 2014-01-13 15:03 - 01236282 _____ C:\Documents and Settings\Aleš\Plocha\adwcleaner.exe
2014-01-13 15:03 - 2014-01-13 15:03 - 01037068 _____ (Thisisu) C:\Documents and Settings\Aleš\Plocha\JRT.exe
2014-01-13 15:03 - 2014-01-13 15:03 - 00406264 _____ (Bleeping Computer, LLC) C:\Documents and Settings\Aleš\Plocha\sc-cleaner.exe
2014-01-13 14:52 - 2014-01-13 14:52 - 00000000 ____D C:\rsit
2014-01-13 14:52 - 2014-01-13 14:52 - 00000000 ____D C:\Program Files\trend micro
2014-01-13 14:51 - 2014-01-13 14:51 - 00781909 _____ C:\Documents and Settings\Aleš\Plocha\RSIT.exe
2014-01-13 14:46 - 2013-02-08 20:11 - 00000000 ____D C:\Documents and Settings\Aleš\Data aplikací\DAEMON Tools Pro
2014-01-13 14:46 - 2012-12-14 01:50 - 00000000 ____D C:\Documents and Settings\Aleš
2014-01-12 13:05 - 2013-06-01 13:00 - 00000966 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-515967899-746137067-1417001333-1004Core.job
2014-01-12 12:43 - 2014-01-12 12:43 - 00000000 ____D C:\Program Files\VideoPlayerV3
2013-12-25 11:46 - 2013-12-25 11:46 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\House of Tales
2013-12-25 11:44 - 2013-12-25 11:44 - 00000000 ____D C:\Program Files\House of Tales
2013-12-25 01:20 - 2013-12-25 01:20 - 00000821 _____ C:\Documents and Settings\Aleš\Plocha\Drači oko.lnk
2013-12-25 01:20 - 2013-12-25 01:20 - 00000000 ____D C:\WINDOWS\Cache
2013-12-25 01:20 - 2013-12-25 01:20 - 00000000 ____D C:\Program Files\Common Files\DirectX
2013-12-25 01:20 - 2013-12-25 01:20 - 00000000 ____D C:\Documents and Settings\Aleš\Nabídka Start\Programy\Hypermax
2013-12-25 01:17 - 2013-06-03 18:58 - 00000000 ____D C:\Program Files\Sierra
2013-12-25 01:16 - 2013-12-25 01:16 - 00000000 ____D C:\Program Files\Hypermax
2013-12-23 23:48 - 2013-12-23 23:48 - 00000000 ____D C:\ee6954325076deda2f3e1b5f7bca8e
2013-12-22 18:05 - 2013-12-22 18:05 - 00002020 _____ C:\Documents and Settings\All Users\Plocha\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk
2013-12-22 18:05 - 2013-12-22 18:05 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\THQ
2013-12-22 17:55 - 2013-12-22 17:55 - 00000000 ____D C:\Program Files\THQ
2013-12-22 15:11 - 2013-12-22 15:11 - 00000000 ____D C:\Program Files\1C Company
2013-12-22 15:08 - 2012-12-14 01:33 - 00000000 ____D C:\WINDOWS\system32\DirectX
2013-12-22 14:46 - 2012-12-23 14:49 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-21 12:52 - 2013-12-21 12:52 - 00000000 ____D C:\Program Files\WebexpEnhancedV1
2013-12-20 16:37 - 2013-12-20 16:37 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-18 23:38 - 2012-12-14 19:01 - 00000000 ____D C:\Documents and Settings\Aleš\Plocha\stahnute
2013-12-18 22:59 - 2013-01-27 00:06 - 00012800 _____ C:\Documents and Settings\Aleš\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-18 21:02 - 2013-04-08 19:49 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Drive
2013-12-17 22:51 - 2013-12-09 15:29 - 00000000 ____D C:\Documents and Settings\Ale�\Dokumenty
2013-12-17 22:51 - 2013-12-09 15:28 - 00000000 ____D C:\Program Files\GameforgeLive
2013-12-17 22:44 - 2013-12-17 19:46 - 00000000 ____D C:\Program Files\QuadCoreM2
2013-12-17 22:19 - 2013-12-17 22:19 - 00001804 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader 9.lnk
2013-12-17 22:19 - 2013-12-17 22:19 - 00001729 _____ C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
2013-12-17 22:19 - 2013-12-17 22:19 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-17 22:19 - 2013-12-17 22:19 - 00000000 ____D C:\Program Files\Adobe
2013-12-17 22:19 - 2012-12-13 22:30 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-12-17 22:18 - 2013-02-08 20:19 - 00000000 ____D C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Adobe
2013-12-17 20:57 - 2013-02-08 16:57 - 00000000 ____D C:\Documents and Settings\Aleš\Dokumenty\My Games
2013-12-17 19:49 - 2013-12-17 19:49 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Caphyon
2013-12-17 19:49 - 2012-12-14 01:50 - 00000000 ___RD C:\Documents and Settings\Aleš\Oblíbené položky
2013-12-17 19:41 - 2013-12-17 19:41 - 00000000 ____D C:\Documents and Settings\Aleš\Data aplikací\Quadcore Games

Some content of TEMP:
====================
C:\Documents and Settings\Aleš\Local Settings\Temp\comsvcs.dll
C:\Documents and Settings\Aleš\Local Settings\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-12-19 17:13] - [2008-12-19 17:13] - 1486336 ____A (Microsoft Corporation) d39127310cbad1485ec5001a4ed1d853

C:\Windows\System32\winlogon.exe
[2008-12-19 16:59] - [2008-12-19 16:59] - 0557056 ____A (Microsoft Corporation) 12a799ad9415ae9c8abcc5f75e9cf034

C:\Windows\System32\svchost.exe
[2008-04-14 11:22] - [2008-04-14 11:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2008-04-14 11:22] - [2009-02-09 15:55] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2008-12-19 16:58] - [2008-12-19 16:58] - 0578560 ____A (Microsoft Corporation) ccb32d10c69a89822e9134c0c4894be1

C:\Windows\System32\userinit.exe
[2008-04-14 11:22] - [2008-04-14 11:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 10:12] - [2008-04-14 10:12] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1





===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:37.26 GB) (Free:3.68 GB) NTFS ==>[Drive with boot components (Windows XP)]

Available physical RAM: 1358.74 MB
Total physical RAM: 2047.3 MB
Percentage of memory in use: 33%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 37 GB) (Disk ID: A074EE02)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-515967899-746137067-1417001333-1004Core.job => C:\Documents and Settings\Alea\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-515967899-746137067-1417001333-1004UA.job => C:\Documents and Settings\Alea\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MP Scheduled Scan.job => C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Ale\Plocha" je 3573 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\IEPro\\MiniDM.exe"="C:\\Program Files\\IEPro\\MiniDM.exe:*:Enabled:MiniDM"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Documents and Settings\\Ale\\Local Settings\\Data aplikac\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"="C:\\Documents and Settings\\Ale\\Local Settings\\Data aplikac\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"80:TCP"="80:TCP:*:Enabled:War Thunder"
"443:TCP"="443:TCP:*:Enabled:War Thunder"
"20010:UDP"="20010:UDP:*:Enabled:War Thunder"
"3478:UDP"="3478:UDP:*:Enabled:War Thunder"
"7850:TCP"="7850:TCP:*:Enabled:War Thunder"
"27022:TCP"="27022:TCP:*:Enabled:War Thunder"
"6881:TCP"="6881:TCP:*:Enabled:War Thunder"
"33333:TCP"="33333:TCP:*:Enabled:War Thunder"
"20443:TCP"="20443:TCP:*:Enabled:War Thunder"
"8090:TCP"="8090:TCP:*:Enabled:War Thunder"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
  HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
  HKLM\...\Run: [Printsrv] - c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs [543 2013-05-01] ()
  HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
  HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
  HKCU\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
  HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
  HKCU\...\Run: [Facebook Update] - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [138096 2013-06-01] (Facebook Inc.)
  HKU\Default User\...\RunOnce: [_nltide_2] - regsvr32 /s /n /i:U shell32
  Startup: C:\Documents and Settings\Aleš\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
  
  HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.gametop.com/?utm_source=Os ... dium=start
  SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
  SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
  SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
  SearchScopes: HKCU - {31CF9EBE-5755-4a1d-AC25-2834D952D9B4} URL = http://search.pdfcreator-toolbar.org/se ... Q&ts=ne&w={searchTerms}&csrc=search-field
  BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll (IE7Pro.com)
  BHO: Better Surf Plus - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - No File
  BHO: Webexp Enhanced - {aa82027b-b796-4efa-a7b9-d098fff3946a} - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha421\ie\WebexpEnhancedV1alpha421.dll ()
  BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
  Toolbar: HKLM - PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
  Toolbar: HKCU - PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
  
  FF HKLM\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files\BetterSurf\ff
  FF HKLM\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files\Better-Surf\ff
  FF Extension: Better-Surf - C:\Program Files\Better-Surf\ff [2013-11-25]
  FF HKLM\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files\BetterSurf\BetterSurfPlus\ff
  FF HKLM\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha421.net] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha421\ff
  FF Extension: Webexp Enhanced - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha421\ff [2013-12-21]
  FF HKLM\...\Firefox\Extensions: [ext@VideoPlayerV3beta273.net] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta273\ff
  FF Extension: Video Player - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta273\ff [2014-01-12]
  
  CHR Extension: (Webexp Enhanced) - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jlpbbghhdggbghpedjbmfjnadbpoifmj\1.1_0 [2014-01-13]
  CHR Extension: (Video Player) - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lmohihabfmehcojonkdncolggnndpgam\1.1_0 [2014-01-13]
  CHR Extension: (BetterSrf) - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0 [2013-12-10]
  CHR HKLM\...\Chrome\Extension: [jlnfdbbladgcmhhamgkioifhbobjaoof] - C:\Program Files\LemurLeap\jlnfdbbladgcmhhamgkioifhbobjaoof.crx [2014-01-15]
  CHR HKLM\...\Chrome\Extension: [jlpbbghhdggbghpedjbmfjnadbpoifmj] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha421\ch\WebexpEnhancedV1alpha421.crx [2013-12-19]
  CHR HKLM\...\Chrome\Extension: [lmohihabfmehcojonkdncolggnndpgam] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta273\ch\VideoPlayerV3beta273.crx [2014-01-08]
  CHR HKLM\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2014-01-08]
  CHR HKLM\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files\Better-Surf\ch\Chrome.crx [2013-11-25]
  
  C:\Program Files\VideoPlayerV3
  C:\Program Files\Better-Surf
  C:\Program Files\LemurLeap
  2014-01-15 18:49 - 2014-01-15 18:49 - 00020641 _____ C:\Documents and Settings\Aleš\Plocha\FRST.txt
  2014-01-15 18:49 - 2014-01-15 18:49 - 00000000 ____D C:\Documents and Settings\Aleš\Plocha\FRST-OlderVersion
  2014-01-14 01:20 - 2014-01-15 16:48 - 00112918 _____ C:\Documents and Settings\Aleš\Plocha\OTL.Txt
  2014-01-14 01:20 - 2014-01-14 01:20 - 00043376 _____ C:\Documents and Settings\Aleš\Plocha\Extras.Txt
  2014-01-14 01:05 - 2014-01-15 16:41 - 00000512 _____ C:\PhysicalMBR.bin
  2014-01-14 00:59 - 2014-01-14 01:00 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Aleš\Plocha\OTL.exe
  2014-01-13 15:04 - 2014-01-13 15:04 - 00001870 _____ C:\sc-cleaner.txt
  2014-01-13 15:03 - 2014-01-13 15:03 - 01236282 _____ C:\Documents and Settings\Aleš\Plocha\adwcleaner.exe
  2014-01-13 15:03 - 2014-01-13 15:03 - 01037068 _____ (Thisisu) C:\Documents and Settings\Aleš\Plocha\JRT.exe
  2014-01-13 15:03 - 2014-01-13 15:03 - 00406264 _____ (Bleeping Computer, LLC) C:\Documents and Settings\Aleš\Plocha\sc-cleaner.exe
  2014-01-13 14:51 - 2014-01-13 14:51 - 00781909 _____ C:\Documents and Settings\Aleš\Plocha\RSIT.exe
  C:\Documents and Settings\Aleš\Local Settings\Temp\comsvcs.dll
  C:\Documents and Settings\Aleš\Local Settings\Temp\Quarantine.exe
  
  S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [x]
  S4 IntelIde; No ImagePath
  S3 wnsricba; No ImagePath
  U1 WS2IFSL; 
  
  Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
  Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-515967899-746137067-1417001333-1004Core.job => C:\Documents and Settings\Alea\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
  Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-515967899-746137067-1417001333-1004UA.job => C:\Documents and Settings\Alea\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\MP Scheduled Scan.job => C:\Program Files\Windows Defender\MpCmdRun.exe
  
  Hosts:
  CMD: shutdown /r /f /t 2
  
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 25-01-2014 01
Ran by Aleš at 2014-01-26 20:24:10 Run:1
Running from C:\Documents and Settings\Aleš\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Printsrv] - c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs [543 2013-05-01] ()
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKCU\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKCU\...\Run: [Facebook Update] - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [138096 2013-06-01] (Facebook Inc.)
HKU\Default User\...\RunOnce: [_nltide_2] - regsvr32 /s /n /i:U shell32
Startup: C:\Documents and Settings\Aleš\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.gametop.com/?utm_source=Os ... dium=start
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {31CF9EBE-5755-4a1d-AC25-2834D952D9B4} URL = http://search.pdfcreator-toolbar.org/se ... Q&ts=ne&w={searchTerms}&csrc=search-field
BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll (IE7Pro.com)
BHO: Better Surf Plus - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - No File
BHO: Webexp Enhanced - {aa82027b-b796-4efa-a7b9-d098fff3946a} - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha421\ie\WebexpEnhancedV1alpha421.dll ()
BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
Toolbar: HKLM - PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
Toolbar: HKCU - PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()

FF HKLM\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files\BetterSurf\ff
FF HKLM\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files\Better-Surf\ff
FF Extension: Better-Surf - C:\Program Files\Better-Surf\ff [2013-11-25]
FF HKLM\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files\BetterSurf\BetterSurfPlus\ff
FF HKLM\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha421.net] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha421\ff
FF Extension: Webexp Enhanced - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha421\ff [2013-12-21]
FF HKLM\...\Firefox\Extensions: [ext@VideoPlayerV3beta273.net] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta273\ff
FF Extension: Video Player - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta273\ff [2014-01-12]

CHR Extension: (Webexp Enhanced) - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jlpbbghhdggbghpedjbmfjnadbpoifmj\1.1_0 [2014-01-13]
CHR Extension: (Video Player) - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lmohihabfmehcojonkdncolggnndpgam\1.1_0 [2014-01-13]
CHR Extension: (BetterSrf) - C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0 [2013-12-10]
CHR HKLM\...\Chrome\Extension: [jlnfdbbladgcmhhamgkioifhbobjaoof] - C:\Program Files\LemurLeap\jlnfdbbladgcmhhamgkioifhbobjaoof.crx [2014-01-15]
CHR HKLM\...\Chrome\Extension: [jlpbbghhdggbghpedjbmfjnadbpoifmj] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha421\ch\WebexpEnhancedV1alpha421.crx [2013-12-19]
CHR HKLM\...\Chrome\Extension: [lmohihabfmehcojonkdncolggnndpgam] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta273\ch\VideoPlayerV3beta273.crx [2014-01-08]
CHR HKLM\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2014-01-08]
CHR HKLM\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files\Better-Surf\ch\Chrome.crx [2013-11-25]

C:\Program Files\VideoPlayerV3
C:\Program Files\Better-Surf
C:\Program Files\LemurLeap
2014-01-15 18:49 - 2014-01-15 18:49 - 00020641 _____ C:\Documents and Settings\Aleš\Plocha\FRST.txt
2014-01-15 18:49 - 2014-01-15 18:49 - 00000000 ____D C:\Documents and Settings\Aleš\Plocha\FRST-OlderVersion
2014-01-14 01:20 - 2014-01-15 16:48 - 00112918 _____ C:\Documents and Settings\Aleš\Plocha\OTL.Txt
2014-01-14 01:20 - 2014-01-14 01:20 - 00043376 _____ C:\Documents and Settings\Aleš\Plocha\Extras.Txt
2014-01-14 01:05 - 2014-01-15 16:41 - 00000512 _____ C:\PhysicalMBR.bin
2014-01-14 00:59 - 2014-01-14 01:00 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Aleš\Plocha\OTL.exe
2014-01-13 15:04 - 2014-01-13 15:04 - 00001870 _____ C:\sc-cleaner.txt
2014-01-13 15:03 - 2014-01-13 15:03 - 01236282 _____ C:\Documents and Settings\Aleš\Plocha\adwcleaner.exe
2014-01-13 15:03 - 2014-01-13 15:03 - 01037068 _____ (Thisisu) C:\Documents and Settings\Aleš\Plocha\JRT.exe
2014-01-13 15:03 - 2014-01-13 15:03 - 00406264 _____ (Bleeping Computer, LLC) C:\Documents and Settings\Aleš\Plocha\sc-cleaner.exe
2014-01-13 14:51 - 2014-01-13 14:51 - 00781909 _____ C:\Documents and Settings\Aleš\Plocha\RSIT.exe
C:\Documents and Settings\Aleš\Local Settings\Temp\comsvcs.dll
C:\Documents and Settings\Aleš\Local Settings\Temp\Quarantine.exe

S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [x]
S4 IntelIde; No ImagePath
S3 wnsricba; No ImagePath
U1 WS2IFSL;

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-515967899-746137067-1417001333-1004Core.job => C:\Documents and Settings\Alea\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-515967899-746137067-1417001333-1004UA.job => C:\Documents and Settings\Alea\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MP Scheduled Scan.job => C:\Program Files\Windows Defender\MpCmdRun.exe

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Printsrv => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Pro Agent => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 => Value deleted successfully.
C:\Documents and Settings\Aleš\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF} => Key deleted successfully.
HKCR\CLSID\{00011268-E188-40DF-A514-835FCD78B1BF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1824FF90-C98E-48A6-838F-E3B6572B0C77} => Key deleted successfully.
HKCR\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa82027b-b796-4efa-a7b9-d098fff3946a} => Key deleted successfully.
HKCR\CLSID\{aa82027b-b796-4efa-a7b9-d098fff3946a} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837} => Key deleted successfully.
HKCR\CLSID\{C451C08A-EC37-45DF-AAAD-18B51AB5E837} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} => Value deleted successfully.
HKCR\CLSID\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} => Value deleted successfully.
HKCR\CLSID\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} => Key not found.
HKLM\Software\Mozilla\Firefox\Extensions\\xz123@ya456.com => Value deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\12x3q@3244516.com => Value deleted successfully.
C:\Program Files\Better-Surf\ff => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\ext@bettersurfplus.com => Value deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\ext@WebexpEnhancedV1alpha421.net => Value deleted successfully.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha421\ff => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\ext@VideoPlayerV3beta273.net => Value deleted successfully.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta273\ff => Moved successfully.
C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jlpbbghhdggbghpedjbmfjnadbpoifmj\1.1_0 => Moved successfully.
C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lmohihabfmehcojonkdncolggnndpgam\1.1_0 => Moved successfully.
C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0 => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof => Key deleted successfully.
"C:\Program Files\LemurLeap\jlnfdbbladgcmhhamgkioifhbobjaoof.crx" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\jlpbbghhdggbghpedjbmfjnadbpoifmj => Key deleted successfully.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha421\ch\WebexpEnhancedV1alpha421.crx => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\lmohihabfmehcojonkdncolggnndpgam => Key deleted successfully.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta273\ch\VideoPlayerV3beta273.crx => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl => Key deleted successfully.
"C:\Program Files\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco => Key deleted successfully.
C:\Program Files\Better-Surf\ch\Chrome.crx => Moved successfully.
C:\Program Files\VideoPlayerV3 => Moved successfully.
C:\Program Files\Better-Surf => Moved successfully.
C:\Program Files\LemurLeap => Moved successfully.
C:\Documents and Settings\Aleš\Plocha\FRST.txt => Moved successfully.
C:\Documents and Settings\Aleš\Plocha\FRST-OlderVersion => Moved successfully.
C:\Documents and Settings\Aleš\Plocha\OTL.Txt => Moved successfully.
C:\Documents and Settings\Aleš\Plocha\Extras.Txt => Moved successfully.
C:\PhysicalMBR.bin => Moved successfully.
C:\Documents and Settings\Aleš\Plocha\OTL.exe => Moved successfully.
C:\sc-cleaner.txt => Moved successfully.
C:\Documents and Settings\Aleš\Plocha\adwcleaner.exe => Moved successfully.
C:\Documents and Settings\Aleš\Plocha\JRT.exe => Moved successfully.
C:\Documents and Settings\Aleš\Plocha\sc-cleaner.exe => Moved successfully.
C:\Documents and Settings\Aleš\Plocha\RSIT.exe => Moved successfully.
"C:\Documents and Settings\Aleš\Local Settings\Temp\comsvcs.dll" => File/Directory not found.
"C:\Documents and Settings\Aleš\Local Settings\Temp\Quarantine.exe" => File/Directory not found.
EagleXNt => Service deleted successfully.
IntelIde => Service deleted successfully.
wnsricba => Service deleted successfully.
WS2IFSL => Service deleted successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job => Moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-515967899-746137067-1417001333-1004Core.job => Moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-515967899-746137067-1417001333-1004UA.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\MP Scheduled Scan.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

Jak se chova PC???

nebyl jsem cca tyden doma,tak nevim presne,ale synek rika,ze obcas mu nejaka ta stranka jeste sama vyskoci,vzdy se jedna o nabydku k nejake hre.rozhodne to ale dela uz mene casto.dnes se to zatim nestalo jeste ani jednou.

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

zatim vypada vse v poradku,dekuji mnohokrat za rady a pomoc.

Nemate zac, rad jsem pomohl Zase nekdy

A na zaklade Pravidla o zamykani temat