Slow PC, antivirus keeps fighting something
Posted: 30 Nov 2013 02:19
....I suspect an infection, please help me on the battlefield :-(
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-11-2013
Ran by Uživatel (administrator) on KP-ADAPTECH_ZMT on 30-11-2013 02:12:47
Running from C:\Documents and Settings\Uživatel\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 7
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(http://goforfiles.com/) C:\Program Files\GoforFiles\GFFUpdater.exe
() C:\Program Files\ExpressFiles\EFUpdater.exe
(Dolphin Oceanic Ltd.) C:\WINDOWS\system32\dolsrvcbar2.exe
(ABBYY (BIT Software)) C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
() C:\Program Files\AVG SafeGuard toolbar\vprot.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Iminent) C:\Program Files\Iminent\Iminent.exe
(Iminent) C:\Program Files\Iminent\Iminent.Messengers.exe
(Dolphin Oceanic Ltd.) C:\WINDOWS\system32\dolserve.exe
() C:\Program Files\Mobogenie\DaemonProcess.exe
(Kanex Group, Inc.) C:\Program Files\Restore Desktop\RestoreDesktop.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
() C:\WINDOWS\system32\dmwu.exe
(ArcSoft, Inc.) C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Intel) C:\Program Files\Intel\AMT\LMS.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Iminent) C:\Program Files\Common Files\Umbrella\Umbrella.exe
(LemurLeap) C:\Program Files\LemurLeap\bin\utilLemurLeap.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe
() C:\WINDOWS\system32\jmdp\stij.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Documents and Settings\Uživatel\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [177472 2009-05-20] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [3117344 2012-03-07] (ESET)
HKLM\...\Run: [SweetIM] - C:\Program Files\SweetIM\Messenger\SweetIM.exe [115032 2012-10-04] (SweetIM Technologies Ltd.)
HKLM\...\Run: [Sweetpacks Communicator] - C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2285232 2013-08-12] ()
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1673680 2013-10-16] (APN)
HKLM\...\Run: [Iminent] - C:\Program Files\Iminent\Iminent.exe [1074736 2013-11-17] (Iminent)
HKLM\...\Run: [IminentMessenger] - C:\Program Files\Iminent\Iminent.Messengers.exe [884784 2013-11-17] (Iminent)
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [746176 2013-10-30] ()
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [RestoreDesktop] - C:\Program Files\Restore Desktop\RestoreDesktop.exe [45056 2003-03-11] (Kanex Group, Inc.)
HKCU\...\Run: [Sony Ericsson PC Companion] - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [433872 2011-10-21] (Sony Ericsson)
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Documents and Settings\Uživatel\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Documents and Settings\Uživatel\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\Tonda\...\Run: [RestoreDesktop] - C:\Program Files\Restore Desktop\RestoreDesktop.exe [ 2003-03-11] (Kanex Group, Inc.)
HKU\Tonda\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [ 2007-06-27] (Nero AG)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe (ArcSoft, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dosearches.com/?utm_source=b ... 1384190733
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_s ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dosearches.com/?utm_source=b ... 1384190733
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
URLSearchHook: HKCU - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 1A920EA667}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 1A920EA667}
SearchScopes: HKCU - DefaultScope A7764E2C-6180-4216-BF1E-D99663DE906D URL = http://tuvaro.com/ws/?source=e0c8d0ad&t ... earchTerms}
SearchScopes: HKCU - A7764E2C-6180-4216-BF1E-D99663DE906D URL = http://tuvaro.com/ws/?source=e0c8d0ad&t ... earchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 1a920ea667
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?clien ... 24C04F8B30
SearchScopes: HKCU - {6B89C297-C0F5-42D7-BCCF-3E2DD5264166} URL = http://search.aol.com/aol/search?s_it=t ... earchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2504091
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://mysearch.sweetpacks.com?src=6&q= ... ms}&barid=&
BHO: YoutubeAdblocker - {2EF201BC-801B-E71C-A77C-1D836AF81E62} - C:\Program Files\YoutubeAdblocker\NbOj.dll ()
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: surf! and keeeep - {516B83F0-A7BC-5D35-D554-9E82382602C5} - C:\Program Files\surf! and keeeep\Pc37WaAVUG.dll ()
BHO: No Name - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Better-Surf - {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files\Better-Surf\ie\BetterSrf.dll ()
BHO: Skype Plug-In - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
Toolbar: HKCU - Vuze Remote Toolbar - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.4.0\ViProtocol.dll (AVG Secure Search)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8466944 2012-06-08] (Microsoft Corporation)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\\npsitesafety.dll (AVG Technologies)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Documents and Settings\Uživatel\Data aplikací\Facebook\npfbplugin_1_0_3.dll ( )
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF Extension: gophoto - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files\BetterSurf\ff
FF Extension: BetterSurf - C:\Program Files\BetterSurf\ff
FF HKLM\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files\Better-Surf\ff
FF Extension: Better-Surf - C:\Program Files\Better-Surf\ff
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR DefaultSearchURL: (SearchTheWeb) - http://mysearch.sweetpacks.com?src=6&q= ... ms}&barid=&
CHR DefaultSuggestURL: (SearchTheWeb) - "suggest_url": "",
CHR Extension: (Ask Toolbar) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk\25.60699_0
CHR Extension: (surf and keep) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\amgnnaiegfgokfjjccpkhgaonpekgekh\2.19
CHR Extension: (Seznam Li\u0161ti\u010Dka - Email) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Slovn\u00EDk) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0
CHR Extension: (YoutubeBookmark) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\cjhbhcfgkbdjeeahkogbdapgoagkhdml\1.0
CHR Extension: (BetterSurf) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap\1.0_0
CHR Extension: (YoutubeAdblocker) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\egfolfcapndkplcigdpbkpheejmmcalg\1.0
CHR Extension: (Iminent) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\7.48.1.1_0
CHR Extension: (SweetIM for Facebook) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0
CHR Extension: (Google Wallet) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (SweetPacks Chrome Extension) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0
CHR Extension: (GoPhoto.it) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.6_0
CHR Extension: (Iminent Chrome Toolbar) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0
CHR Extension: (BetterSrf) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0
CHR HKLM\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx
CHR HKLM\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files\BetterSurf\ch\Chrome.crx
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx
CHR HKLM\...\Chrome\Extension: [jlnfdbbladgcmhhamgkioifhbobjaoof] - C:\Program Files\LemurLeap\jlnfdbbladgcmhhamgkioifhbobjaoof.crx
CHR HKLM\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Torch\Plugins\TorchPlugin.crx
CHR HKLM\...\Chrome\Extension: [lobcfhikamnhhjafcmphmojifjekbgma] - C:\Documents and Settings\All Users\Data aplikací\Click2Save\lobcfhikamnhhjafcmphmojifjekbgma.crx
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Data aplikací\\ChromeExt\\avg.crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\System32\jmdp\SweetNT.crx
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit16.crx
CHR HKLM\...\Chrome\Extension: [pkhojieggfgllhllcegoffdcnmdeojgb] - C:\Program Files\IminentToolbar\1.8.26.8\iminent.crx
CHR HKLM\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files\Better-Surf\ch\Chrome.crx
========================== Services (Whitelisted) =================
R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY (BIT Software))
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-16] (APN LLC.)
S2 ca82e1a5; C:\Program Files\Optimizer Pro\OptProCrash.exe [143488 2013-11-29] ()
R2 DolphinCBarSrv2; C:\WINDOWS\system32\dolsrvcbar2.exe [258048 2008-01-08] (Dolphin Oceanic Ltd.)
R2 DolphinInterceptorStartup; C:\WINDOWS\system32\dolserve.exe [270336 2008-01-04] (Dolphin Oceanic Ltd.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [913144 2012-03-07] (ESET)
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1432368 2013-10-15] ()
R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [98304 2006-07-29] (Intel)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] ()
S3 Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [155344 2011-06-29] (Avanquest Software)
R2 SProtection; C:\Program Files\Common Files\Umbrella\umbrella.exe [2905408 2013-11-17] (Iminent)
S2 Update LemurLeap; C:\Program Files\LemurLeap\updateLemurLeap.exe [65312 2013-10-03] (LemurLeap)
R2 Util LemurLeap; C:\Program Files\LemurLeap\bin\utilLemurLeap.exe [65312 2013-10-03] (LemurLeap)
R2 vToolbarUpdater15.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [1616048 2013-08-12] (AVG Secure Search)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
S3 winvnc; C:\Program Files\Odborná pomoc Adaptech\WinVNC.exe [643072 2008-01-17] ()
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
==================== Drivers (Whitelisted) ====================
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 ASAPIW2k; C:\Windows\System32\drivers\ASAPIW2k.sys [11264 2003-12-04] (Pinnacle Systems GmbH)
S3 AtcL001; C:\Windows\System32\DRIVERS\l151x86.sys [39424 2007-07-03] (Atheros Communications Inc.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-08-12] (AVG Technologies)
R3 AVHybrid; C:\Windows\System32\DRIVERS\AVHybrid.sys [834816 2007-01-31] ()
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [31896 2005-11-25] (DemoForge, LLC)
R1 eamon; C:\Windows\System32\DRIVERS\eamon.sys [160816 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [120152 2012-03-14] (ESET)
R1 epfwtdir; C:\Windows\System32\DRIVERS\epfwtdir.sys [104160 2012-03-14] (ESET)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [24209 2004-10-29] (FTDI Ltd.)
R2 hlwinnt; C:\WINDOWS\system32\hlwinnt.sys [5248 2002-12-30] ()
R3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25624 2008-12-16] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-12-17] (Logitech Inc.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 pctvvbi; C:\Windows\System32\DRIVERS\pctvvbi.sys [6400 2002-11-11] (Pinnacle Systems)
R3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-12-17] (Logitech Inc.)
R3 Pfc; C:\Windows\System32\drivers\pfc.sys [14604 2002-06-17] (Padus, Inc.)
R3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2686104 2008-12-17] (Logitech Inc.)
R1 prodrv06; C:\Windows\System32\drivers\prodrv06.sys [79488 2004-05-13] (Protection Technology)
R0 prohlp02; C:\Windows\System32\drivers\prohlp02.sys [111808 2004-05-13] (Protection Technology)
R0 prosync1; C:\Windows\System32\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S2 ROB_A; C:\Windows\System32\DRIVERS\rob_a.sys [17664 2003-02-10] (Pinnacle Systems GmbH)
S2 ROB_V; C:\Windows\System32\drivers\rob_v.sys [125568 2003-04-11] (Pinnacle Systems GmbH)
R3 SenFiltService; C:\Windows\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura)
R0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [63352 2006-07-05] (Protection Technology (StarForce))
R0 sfhlp01; C:\Windows\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-12-15] (The OpenVPN Project)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8064 2008-09-15] (Windows (R) Codename Longhorn DDK provider)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8064 2008-09-15] (Windows (R) Codename Longhorn DDK provider)
S3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023k.sys [11136 2002-08-12] (Microsoft Corporation)
R1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [15872 2006-01-13] (Flint Incorporation)
R3 catchme; \??\C:\ComboFix\catchme.sys [x]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 mbr; \??\C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\mbr.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-30 02:12 - 2013-11-30 02:13 - 00025004 _____ C:\Documents and Settings\Uživatel\Plocha\FRST.txt
2013-11-30 02:10 - 2013-11-30 02:10 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Uživatel\Plocha\FRSTLauncher.exe
2013-11-30 02:09 - 2013-11-30 02:07 - 01092049 _____ (Farbar) C:\Documents and Settings\Uživatel\Plocha\FRST.exe
2013-11-30 02:08 - 2013-11-30 02:08 - 00000000 ____D C:\FRST
2013-11-30 01:46 - 2013-11-30 01:46 - 00027701 _____ C:\ComboFix.txt
2013-11-30 01:39 - 2013-11-30 01:39 - 00000000 ____H C:\WINDOWS\system32\config\system.tmp.LOG
2013-11-30 01:39 - 2013-11-30 01:39 - 00000000 ____H C:\WINDOWS\system32\config\software.tmp.LOG
2013-11-30 01:39 - 2013-11-30 01:39 - 00000000 ____H C:\WINDOWS\system32\config\SAM.tmp.LOG
2013-11-30 01:39 - 2013-11-30 01:39 - 00000000 ____H C:\WINDOWS\system32\config\default.tmp.LOG
2013-11-30 01:38 - 2013-11-30 01:38 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2013-11-30 01:32 - 2013-11-30 01:32 - 00000000 _RSHD C:\cmdcons
2013-11-30 01:32 - 2009-07-30 16:33 - 00000212 _____ C:\Boot.bak
2013-11-30 01:32 - 2004-08-03 23:00 - 00261312 __RSH C:\cmldr
2013-11-30 01:27 - 2013-11-30 01:46 - 00000000 ____D C:\Qoobox
2013-11-30 01:27 - 2013-11-30 01:45 - 00000000 ____D C:\WINDOWS\erdnt
2013-11-30 01:27 - 2013-11-30 01:27 - 00000000 ___RD C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Nástroje pro správu
2013-11-30 01:27 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-11-30 01:27 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-11-30 01:27 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-11-30 01:27 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-11-30 01:27 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-11-30 01:27 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-11-30 01:27 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-11-30 01:27 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-11-30 01:27 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-11-30 01:23 - 2013-11-30 01:23 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Max Secure Software
2013-11-30 01:22 - 2013-11-30 01:23 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\GetRightToGo
2013-11-29 17:20 - 2013-11-29 17:20 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\YoutubeBookmark
2013-11-29 17:19 - 2013-11-29 17:20 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\cae6101d751a7770
2013-11-29 17:19 - 2013-11-29 17:19 - 00001618 _____ C:\Documents and Settings\All Users\Plocha\EZDownloader.lnk
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\WINDOWS\system32\AMD64
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Program Files\YoutubeAdblocker
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Program Files\surf! and keeeep
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Program Files\EZDownloader
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\EZDownloader
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\YoutubeAdblocker
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\surf! and keeeep
2013-11-29 16:12 - 2013-11-29 16:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Scientific Software
2013-11-29 16:00 - 2013-11-29 16:00 - 00000621 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2013-11-29 16:00 - 2013-11-29 16:00 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Iminent
2013-11-29 15:44 - 2013-11-30 01:40 - 00000290 _____ C:\WINDOWS\Tasks\Express FilesUpdate.job
2013-11-29 15:44 - 2013-11-29 15:44 - 00001618 _____ C:\Documents and Settings\All Users\Plocha\Express Files.lnk
2013-11-29 15:44 - 2013-11-29 15:44 - 00001152 _____ C:\Documents and Settings\Uživatel\Plocha\Continue App of the Day.lnk
2013-11-29 15:44 - 2013-11-29 15:44 - 00000000 ____D C:\Program Files\ExpressFiles
2013-11-29 15:44 - 2013-11-29 15:44 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\ExpressFiles
2013-11-29 15:44 - 2013-11-29 15:44 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\ExpressFiles
2013-11-29 15:35 - 2013-11-29 15:35 - 00000743 _____ C:\Documents and Settings\Uživatel\Plocha\Optimizer Pro.lnk
2013-11-29 15:35 - 2013-11-29 15:35 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Optimizer Pro
2013-11-29 15:35 - 2013-11-29 15:35 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Optimizer Pro
2013-11-29 15:35 - 2013-11-29 15:35 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Optimizer Pro v3.2
2013-11-29 15:34 - 2013-11-30 01:39 - 00005620 _____ C:\Documents and Settings\Uživatel\daemonprocess.txt
2013-11-29 15:34 - 2013-11-29 20:44 - 00000000 ____D C:\Program Files\Optimizer Pro
2013-11-29 15:34 - 2013-11-29 15:49 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Mobogenie
2013-11-29 15:34 - 2013-11-29 15:34 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\cache
2013-11-29 15:34 - 2013-11-29 15:34 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Mobogenie
2013-11-29 15:34 - 2013-11-29 15:34 - 00000000 ____D C:\Documents and Settings\Uživatel\.android
2013-11-29 15:33 - 2013-11-29 15:34 - 00000000 ____D C:\Program Files\Mobogenie
2013-11-29 15:33 - 2013-11-29 15:33 - 00000700 _____ C:\Documents and Settings\Uživatel\Plocha\Mobogenie.lnk
2013-11-29 15:33 - 2013-11-29 15:33 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Mobogenie
2013-11-29 15:31 - 2013-11-29 16:00 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\iminent
2013-11-29 15:31 - 2013-11-29 15:31 - 00000000 ____D C:\Program Files\IminentToolbar
2013-11-29 15:31 - 2013-11-29 15:31 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\SIEN SA
2013-11-29 15:30 - 2013-11-29 16:00 - 00000000 ____D C:\Program Files\Iminent
2013-11-29 15:30 - 2013-11-29 15:30 - 00000000 ____D C:\Program Files\Common Files\Umbrella
2013-11-29 15:30 - 2013-11-29 15:30 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Iminent
2013-11-29 15:29 - 2013-11-30 01:42 - 00001290 _____ C:\WINDOWS\Tasks\Torntv V6.0-updater.job
2013-11-29 15:29 - 2013-11-30 01:40 - 00001888 _____ C:\WINDOWS\Tasks\Torntv V6.0-chromeinstaller.job
2013-11-29 15:29 - 2013-11-29 16:31 - 00000692 _____ C:\Documents and Settings\Uživatel\Plocha\TornTV.lnk
2013-11-29 15:29 - 2013-11-29 16:31 - 00000000 ____D C:\Program Files\TornTV.com
2013-11-29 15:29 - 2013-11-29 15:29 - 00000000 ____D C:\Program Files\Torntv V6.0
2013-11-29 15:29 - 2013-11-29 15:29 - 00000000 ____D C:\Program Files\Gophoto.it
2013-11-29 15:29 - 2013-11-29 15:29 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\TornTV.com
2013-11-29 15:29 - 2013-11-29 15:29 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Mozilla
2013-11-25 15:51 - 2013-11-25 15:51 - 00000000 ____D C:\Program Files\Better-Surf
2013-11-14 19:02 - 2013-11-14 19:02 - 00000000 ____D C:\Program Files\BetterSurf
2013-11-14 19:02 - 2013-11-14 19:02 - 00000000 _____ C:\extensions.sqlite
2013-11-14 08:14 - 2013-11-14 08:14 - 00011799 _____ C:\WINDOWS\KB2900986.log
2013-11-14 08:14 - 2013-11-14 08:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 08:14 - 2013-11-14 08:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 08:14 - 2013-11-14 08:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 08:13 - 2013-11-14 08:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 07:28 - 2013-11-14 08:14 - 00018269 _____ C:\WINDOWS\KB2868626.log
2013-11-14 07:27 - 2013-11-14 08:14 - 00017235 _____ C:\WINDOWS\KB2862152.log
2013-11-14 07:27 - 2013-11-14 08:13 - 00107450 _____ C:\WINDOWS\KB2888505-IE7.log
2013-11-14 07:26 - 2013-11-14 08:13 - 00010822 _____ C:\WINDOWS\KB2876331.log
2013-11-11 18:53 - 2013-11-30 01:40 - 00000282 _____ C:\WINDOWS\Tasks\GoforFilesUpdate.job
2013-11-11 18:53 - 2013-11-11 18:53 - 00001586 _____ C:\Documents and Settings\All Users\Plocha\GoforFiles.lnk
2013-11-11 18:53 - 2013-11-11 18:53 - 00000000 ____D C:\Program Files\GoforFiles
2013-11-11 18:53 - 2013-11-11 18:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\GoforFiles
2013-11-11 18:53 - 2013-11-11 18:53 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\GoforFiles
2013-11-11 18:40 - 2013-11-11 18:40 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Scientific Software
2013-11-11 18:40 - 2013-11-11 18:40 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Scientific Software
2013-11-11 18:38 - 2013-11-11 18:38 - 00000000 ____D C:\Program Files\Scientific Software
2013-11-11 18:38 - 2013-11-11 18:38 - 00000000 ____D C:\Documents and Settings\All Users\Dokumenty\Scientific Software
2013-11-11 18:38 - 2013-11-11 18:38 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Scientific Software
2013-11-11 18:26 - 2013-11-22 18:55 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\eSafe
==================== One Month Modified Files and Folders =======
2013-11-30 02:13 - 2013-11-30 02:12 - 00025004 _____ C:\Documents and Settings\Uživatel\Plocha\FRST.txt
2013-11-30 02:12 - 2008-02-11 17:06 - 00000000 ___HD C:\Documents and Settings\Uživatel\Local Settings\Data aplikací
2013-11-30 02:12 - 2008-02-11 17:06 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha
2013-11-30 02:10 - 2013-11-30 02:10 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Uživatel\Plocha\FRSTLauncher.exe
2013-11-30 02:10 - 2009-04-03 17:36 - 00000392 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{741F0712-FD23-48B2-861B-F2B0FFD46226}.job
2013-11-30 02:10 - 2008-02-13 10:34 - 00000398 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{F4B8F9A5-2842-43AE-8206-D58A0C9C3AF5}.job
2013-11-30 02:08 - 2013-11-30 02:08 - 00000000 ____D C:\FRST
2013-11-30 02:07 - 2013-11-30 02:09 - 01092049 _____ (Farbar) C:\Documents and Settings\Uživatel\Plocha\FRST.exe
2013-11-30 02:05 - 2008-02-11 17:05 - 00032636 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-30 02:05 - 2008-02-11 17:02 - 01839302 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-30 02:03 - 2012-05-05 20:59 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-30 01:56 - 2009-04-23 19:33 - 00000330 ____H C:\WINDOWS\Tasks\MP Scheduled Scan.job
2013-11-30 01:46 - 2013-11-30 01:46 - 00027701 _____ C:\ComboFix.txt
2013-11-30 01:46 - 2013-11-30 01:27 - 00000000 ____D C:\Qoobox
2013-11-30 01:46 - 2013-09-01 20:58 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Seznam.cz
2013-11-30 01:45 - 2013-11-30 01:27 - 00000000 ____D C:\WINDOWS\erdnt
2013-11-30 01:42 - 2013-11-29 15:29 - 00001290 _____ C:\WINDOWS\Tasks\Torntv V6.0-updater.job
2013-11-30 01:42 - 2007-08-02 13:00 - 00012598 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-30 01:41 - 2008-02-11 03:13 - 00000157 _____ C:\WINDOWS\wiadebug.log
2013-11-30 01:41 - 2008-02-11 03:13 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-30 01:41 - 2007-08-02 13:00 - 00000324 _____ C:\WINDOWS\system.ini
2013-11-30 01:40 - 2013-11-29 15:44 - 00000290 _____ C:\WINDOWS\Tasks\Express FilesUpdate.job
2013-11-30 01:40 - 2013-11-29 15:29 - 00001888 _____ C:\WINDOWS\Tasks\Torntv V6.0-chromeinstaller.job
2013-11-30 01:40 - 2013-11-11 18:53 - 00000282 _____ C:\WINDOWS\Tasks\GoforFilesUpdate.job
2013-11-30 01:40 - 2012-11-25 20:51 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-30 01:40 - 2008-02-11 17:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-30 01:39 - 2013-11-30 01:39 - 00000000 ____H C:\WINDOWS\system32\config\system.tmp.LOG
2013-11-30 01:39 - 2013-11-30 01:39 - 00000000 ____H C:\WINDOWS\system32\config\software.tmp.LOG
2013-11-30 01:39 - 2013-11-30 01:39 - 00000000 ____H C:\WINDOWS\system32\config\SAM.tmp.LOG
2013-11-30 01:39 - 2013-11-30 01:39 - 00000000 ____H C:\WINDOWS\system32\config\default.tmp.LOG
2013-11-30 01:39 - 2013-11-29 15:34 - 00005620 _____ C:\Documents and Settings\Uživatel\daemonprocess.txt
2013-11-30 01:39 - 2008-02-11 17:06 - 00000178 ___SH C:\Documents and Settings\Uživatel\ntuser.ini
2013-11-30 01:39 - 2008-02-11 03:12 - 00290816 _____ C:\WINDOWS\system32\config\SECURITY.bak
2013-11-30 01:39 - 2008-02-11 03:12 - 00028672 _____ C:\WINDOWS\system32\config\SAM.bak
2013-11-30 01:39 - 2008-02-11 03:11 - 43778048 _____ C:\WINDOWS\system32\config\software.bak
2013-11-30 01:39 - 2008-02-11 03:11 - 08388608 _____ C:\WINDOWS\system32\config\system.bak
2013-11-30 01:39 - 2008-02-11 03:11 - 00524288 _____ C:\WINDOWS\system32\config\default.bak
2013-11-30 01:38 - 2013-11-30 01:38 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2013-11-30 01:34 - 2008-02-11 17:06 - 00000000 __RHD C:\Documents and Settings\Uživatel\Data aplikací
2013-11-30 01:32 - 2013-11-30 01:32 - 00000000 _RSHD C:\cmdcons
2013-11-30 01:32 - 2008-02-11 03:11 - 00000328 __RSH C:\boot.ini
2013-11-30 01:27 - 2013-11-30 01:27 - 00000000 ___RD C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Nástroje pro správu
2013-11-30 01:27 - 2008-02-11 17:06 - 00000000 ___RD C:\Documents and Settings\Uživatel\Nabídka Start\Programy
2013-11-30 01:23 - 2013-11-30 01:23 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Max Secure Software
2013-11-30 01:23 - 2013-11-30 01:22 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\GetRightToGo
2013-11-30 01:21 - 2012-11-25 20:51 - 00000944 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-29 20:44 - 2013-11-29 15:34 - 00000000 ____D C:\Program Files\Optimizer Pro
2013-11-29 17:32 - 2008-02-11 22:39 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-11-29 17:20 - 2013-11-29 17:20 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\YoutubeBookmark
2013-11-29 17:20 - 2013-11-29 17:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\cae6101d751a7770
2013-11-29 17:20 - 2008-02-11 03:12 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-11-29 17:19 - 2013-11-29 17:19 - 00001618 _____ C:\Documents and Settings\All Users\Plocha\EZDownloader.lnk
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\WINDOWS\system32\AMD64
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Program Files\YoutubeAdblocker
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Program Files\surf! and keeeep
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Program Files\EZDownloader
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\EZDownloader
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\YoutubeAdblocker
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\surf! and keeeep
2013-11-29 17:19 - 2008-02-11 03:12 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-11-29 17:19 - 2008-02-11 03:12 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-11-29 17:18 - 2013-08-21 23:02 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\InstallMate
2013-11-29 16:51 - 2008-02-11 17:06 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty\Hudba
2013-11-29 16:50 - 2013-08-12 22:19 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\DVDVideoSoft
2013-11-29 16:31 - 2013-11-29 15:29 - 00000692 _____ C:\Documents and Settings\Uživatel\Plocha\TornTV.lnk
2013-11-29 16:31 - 2013-11-29 15:29 - 00000000 ____D C:\Program Files\TornTV.com
2013-11-29 16:12 - 2013-11-29 16:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Scientific Software
2013-11-29 16:00 - 2013-11-29 16:00 - 00000621 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2013-11-29 16:00 - 2013-11-29 16:00 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Iminent
2013-11-29 16:00 - 2013-11-29 15:31 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\iminent
2013-11-29 16:00 - 2013-11-29 15:30 - 00000000 ____D C:\Program Files\Iminent
2013-11-29 15:49 - 2013-11-29 15:34 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Mobogenie
2013-11-29 15:44 - 2013-11-29 15:44 - 00001618 _____ C:\Documents and Settings\All Users\Plocha\Express Files.lnk
2013-11-29 15:44 - 2013-11-29 15:44 - 00001152 _____ C:\Documents and Settings\Uživatel\Plocha\Continue App of the Day.lnk
2013-11-29 15:44 - 2013-11-29 15:44 - 00000000 ____D C:\Program Files\ExpressFiles
2013-11-29 15:44 - 2013-11-29 15:44 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\ExpressFiles
2013-11-29 15:44 - 2013-11-29 15:44 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\ExpressFiles
2013-11-29 15:44 - 2008-02-11 03:12 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start
2013-11-29 15:39 - 2008-02-11 03:12 - 01146086 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-29 15:35 - 2013-11-29 15:35 - 00000743 _____ C:\Documents and Settings\Uživatel\Plocha\Optimizer Pro.lnk
2013-11-29 15:35 - 2013-11-29 15:35 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Optimizer Pro
2013-11-29 15:35 - 2013-11-29 15:35 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Optimizer Pro
2013-11-29 15:35 - 2013-11-29 15:35 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Optimizer Pro v3.2
2013-11-29 15:35 - 2008-02-11 17:06 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty
2013-11-29 15:34 - 2013-11-29 15:34 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\cache
2013-11-29 15:34 - 2013-11-29 15:34 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Mobogenie
2013-11-29 15:34 - 2013-11-29 15:34 - 00000000 ____D C:\Documents and Settings\Uživatel\.android
2013-11-29 15:34 - 2013-11-29 15:33 - 00000000 ____D C:\Program Files\Mobogenie
2013-11-29 15:34 - 2008-02-11 17:06 - 00000000 ____D C:\Documents and Settings\Uživatel
2013-11-29 15:33 - 2013-11-29 15:33 - 00000700 _____ C:\Documents and Settings\Uživatel\Plocha\Mobogenie.lnk
2013-11-29 15:33 - 2013-11-29 15:33 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Mobogenie
2013-11-29 15:33 - 2008-02-12 16:10 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-11-29 15:31 - 2013-11-29 15:31 - 00000000 ____D C:\Program Files\IminentToolbar
2013-11-29 15:31 - 2013-11-29 15:31 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\SIEN SA
2013-11-29 15:30 - 2013-11-29 15:30 - 00000000 ____D C:\Program Files\Common Files\Umbrella
2013-11-29 15:30 - 2013-11-29 15:30 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Iminent
2013-11-29 15:29 - 2013-11-29 15:29 - 00000000 ____D C:\Program Files\Torntv V6.0
2013-11-29 15:29 - 2013-11-29 15:29 - 00000000 ____D C:\Program Files\Gophoto.it
2013-11-29 15:29 - 2013-11-29 15:29 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\TornTV.com
2013-11-29 15:29 - 2013-11-29 15:29 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Mozilla
2013-11-25 15:51 - 2013-11-25 15:51 - 00000000 ____D C:\Program Files\Better-Surf
2013-11-23 16:32 - 2010-12-19 16:42 - 00252037 _____ C:\WINDOWS\setupapi.log
2013-11-22 18:55 - 2013-11-11 18:26 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\eSafe
2013-11-22 07:44 - 2009-05-23 12:25 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\dvdcss
2013-11-17 22:48 - 2012-10-07 19:18 - 00000000 ____D C:\Program Files\Vuze_Remote
2013-11-17 22:48 - 2012-10-07 19:18 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Vuze_Remote
2013-11-17 22:47 - 2011-06-17 19:24 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\PriceGong
2013-11-17 22:40 - 2010-03-15 20:48 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Conduit
2013-11-14 19:02 - 2013-11-14 19:02 - 00000000 ____D C:\Program Files\BetterSurf
2013-11-14 19:02 - 2013-11-14 19:02 - 00000000 _____ C:\extensions.sqlite
2013-11-14 08:14 - 2013-11-14 08:14 - 00011799 _____ C:\WINDOWS\KB2900986.log
2013-11-14 08:14 - 2013-11-14 08:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 08:14 - 2013-11-14 08:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 08:14 - 2013-11-14 08:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 08:14 - 2013-11-14 07:28 - 00018269 _____ C:\WINDOWS\KB2868626.log
2013-11-14 08:14 - 2013-11-14 07:27 - 00017235 _____ C:\WINDOWS\KB2862152.log
2013-11-14 08:14 - 2008-02-12 16:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-11-14 08:14 - 2008-02-11 22:24 - 00412835 _____ C:\WINDOWS\updspapi.log
2013-11-14 08:14 - 2008-02-11 03:12 - 02856431 _____ C:\WINDOWS\FaxSetup.log
2013-11-14 08:14 - 2008-02-11 03:12 - 01385681 _____ C:\WINDOWS\ocgen.log
2013-11-14 08:14 - 2008-02-11 03:12 - 01318266 _____ C:\WINDOWS\tsoc.log
2013-11-14 08:14 - 2008-02-11 03:12 - 01145852 _____ C:\WINDOWS\iis6.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00931029 _____ C:\WINDOWS\comsetup.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00563729 _____ C:\WINDOWS\ntdtcsetup.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00502166 ____C C:\WINDOWS\netfxocm.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00199435 ____C C:\WINDOWS\MedCtrOC.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00171678 _____ C:\WINDOWS\ocmsn.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00144199 _____ C:\WINDOWS\tabletoc.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00143575 _____ C:\WINDOWS\msgsocm.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00001393 _____ C:\WINDOWS\imsins.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-11-14 08:13 - 2013-11-14 08:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 08:13 - 2013-11-14 07:27 - 00107450 _____ C:\WINDOWS\KB2888505-IE7.log
2013-11-14 08:13 - 2013-11-14 07:26 - 00010822 _____ C:\WINDOWS\KB2876331.log
2013-11-14 08:12 - 2013-08-15 01:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-14 08:09 - 2008-02-11 22:29 - 80340640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-11 18:53 - 2013-11-11 18:53 - 00001586 _____ C:\Documents and Settings\All Users\Plocha\GoforFiles.lnk
2013-11-11 18:53 - 2013-11-11 18:53 - 00000000 ____D C:\Program Files\GoforFiles
2013-11-11 18:53 - 2013-11-11 18:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\GoforFiles
2013-11-11 18:53 - 2013-11-11 18:53 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\GoforFiles
2013-11-11 18:40 - 2013-11-11 18:40 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Scientific Software
2013-11-11 18:40 - 2013-11-11 18:40 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Scientific Software
2013-11-11 18:38 - 2013-11-11 18:38 - 00000000 ____D C:\Program Files\Scientific Software
2013-11-11 18:38 - 2013-11-11 18:38 - 00000000 ____D C:\Documents and Settings\All Users\Dokumenty\Scientific Software
2013-11-11 18:38 - 2013-11-11 18:38 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Scientific Software
2013-11-11 18:38 - 2008-02-11 03:12 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty
2013-11-11 18:25 - 2008-02-27 09:47 - 00001097 _____ C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Internet Explorer.lnk
2013-11-11 05:50 - 2009-10-03 00:31 - 00230048 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Documents and Settings\Tonda\Local Settings\Temp\AUMgr.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\comver.dll
C:\Documents and Settings\Tonda\Local Settings\Temp\GoogleChromeInstaller.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\gtapi.dll
C:\Documents and Settings\Tonda\Local Settings\Temp\InstallCasino.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\jre-6u11-windows-i586-p-iftw_196cf524.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\Nokia_PC_Suite_7_1_18_0_cze.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\Nokia_PC_Suite_7_1_26_0_cze.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\patch_2.1.5.2004.en_2.1.5.2010.en.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\qc_quickcam.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\SecurityScan_Release.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_is104.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_is132.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_is1A6.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_is2.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_is26D.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_is304.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_is308.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_is747.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_isA4.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_isA8.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_unps.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2007-08-02 13:00] - [2008-04-14 04:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1
C:\Windows\System32\winlogon.exe
[2007-08-02 13:00] - [2008-04-14 04:22] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea
C:\Windows\System32\svchost.exe
[2007-08-02 13:00] - [2008-04-14 04:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93
C:\Windows\System32\services.exe
[2007-08-02 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7
C:\Windows\System32\User32.dll
[2007-08-02 13:00] - [2008-04-14 04:22] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53
C:\Windows\System32\userinit.exe
[2007-08-02 13:00] - [2008-04-14 04:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239
C:\Windows\System32\Drivers\volsnap.sys
[2007-08-02 13:00] - [2008-04-14 03:12] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Express FilesUpdate.job => C:\Program Files\ExpressFiles\EFUpdater.exe
Task: C:\WINDOWS\Tasks\GoforFilesUpdate.job => C:\Program Files\GoforFiles\GFFUpdater.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MP Scheduled Scan.job => C:\Program Files\Windows Defender\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\Torntv V6.0-chromeinstaller.job => C:\Program Files\Torntv V6.0\Torntv V6.0-chromeinstaller.exe
Task: C:\WINDOWS\Tasks\Torntv V6.0-updater.job => C:\Program Files\Torntv V6.0\Torntv V6.0-updater.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{741F0712-FD23-48B2-861B-F2B0FFD46226}.job => C:\WINDOWS\system32\msfeedssync.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{F4B8F9A5-2842-43AE-8206-D58A0C9C3AF5}.job => C:\WINDOWS\system32\msfeedssync.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\msadws.theme:NTOSCHK
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:373E1720
==================== Security Center ==================
AV: ESET NOD32 Antivirus 5.2 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\Uživatel\Plocha" je 943 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\$Volumouse$
"C:\Program Files\Volumouse\volumouse.exe" /nodlg [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
C:\WINDOWS\system32\ctfmon.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE
C:\WINDOWS\system32\hkcmd.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
C:\WINDOWS\system32\igfxtray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
"C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
C:\WINDOWS\system32\igfxpers.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
C:\Program Files\Restore Desktop\RestoreDesktop.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RestoreDesktop
"C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL
C:\Program Files\Analog Devices\Core\smax4pnp.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX
"C:\Program Files\Windows Defender\MSASCui.exe" -hide [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP
"C:\Program Files\Odborn pomoc Adaptech\WinVNC.exe" -servicehelper [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender
Režim ECHO je vypnutý.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinVNC
Režim ECHO je vypnutý.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Pinnacle Scheduler.lnk
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\SCHEDU~1\PCLESC~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^VirtuaWin.lnk
C:\PROGRA~1\VIRTUA~1\VIRTUA~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WinKey.lnk
C:\PROGRA~1\WinKey\WinKey.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WinZip Quick Pick.lnk
C:\PROGRA~1\WinZip\WZQKPICK.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
"C:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe"="C:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe:*:Enabled:iMesh"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"="C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Pinnacle\\Pinnacle PCTV\\TeleText\\WebServer.exe"="C:\\Program Files\\Pinnacle\\Pinnacle PCTV\\TeleText\\WebServer.exe:*:Enabled:WebServer"
"C:\\Program Files\\totalcmd\\TOTALCMD.EXE"="C:\\Program Files\\totalcmd\\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\\Program Files\\eclipse\\eclipse.exe"="C:\\Program Files\\eclipse\\eclipse.exe:*:Enabled:eclipse"
"C:\\Documents and Settings\\Tonda\\Plocha\\YuLeech-RunesofMagic2_0_1_1821-de.exe"="C:\\Documents and Settings\\Tonda\\Plocha\\YuLeech-RunesofMagic2_0_1_1821-de.exe:*:Enabled:FOG Downloader"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\ArcSoft\\TotalMedia 3\\TotalMedia.exe"="C:\\Program Files\\ArcSoft\\TotalMedia 3\\TotalMedia.exe:LocalSubNet:Enabled:ArcSoft TotalMedia 3"
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"="C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"="C:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Vuze\\Azureus.exe"="C:\\Program Files\\Vuze\\Azureus.exe:*:Enabled:Azureus / Vuze"
"C:\\Program Files\\ESET\\ESET NOD32 Antivirus\\egui.exe"="C:\\Program Files\\ESET\\ESET NOD32 Antivirus\\egui.exe:*:Enabled:ESET NOD32 Antivirus"
"C:\\WINDOWS\\system32\\msiexec.exe"="C:\\WINDOWS\\system32\\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\\Program Files\\SweetIM\\Communicator\\SweetPacksUpdateManager.exe"="C:\\Program Files\\SweetIM\\Communicator\\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager"
"C:\\WINDOWS\\system32\\dmwu.exe"="C:\\WINDOWS\\system32\\dmwu.exe:*:Enabled:dmwu"
"C:\\WINDOWS\\system32\\ARFC\\wrtc.exe"="C:\\WINDOWS\\system32\\ARFC\\wrtc.exe:*:Enabled:wrtc"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
"C:\\Documents and Settings\\All Users\\Data aplikací\\eSafe\\eGdpSvc.exe"="C:\\Documents and Settings\\All Users\\Data aplikací\\eSafe\\eGdpSvc.exe:*:Enabled:WsysSvc"
"C:\\Program Files\\GoforFiles\\goforfilesdl.exe"="C:\\Program Files\\GoforFiles\\goforfilesdl.exe:*:Enabled:GoforFiles"
"C:\\Program Files\\GoforFiles\\GoforFiles.exe"="C:\\Program Files\\GoforFiles\\GoforFiles.exe:*:Enabled:GoforFiles"
"C:\\Program Files\\TornTV.com\\TornTV Downloader.exe"="C:\\Program Files\\TornTV.com\\TornTV Downloader.exe:*:Disabled:TorntvDownloader"
"C:\\Program Files\\Iminent\\Iminent.exe"="C:\\Program Files\\Iminent\\Iminent.exe:*:Enabled:Iminent Firewall Rule"
"C:\\Program Files\\Iminent\\Iminent.Messengers.exe"="C:\\Program Files\\Iminent\\Iminent.Messengers.exe:*:Enabled:Iminent.Messengers Firewall Rule"
"C:\\Program Files\\ExpressFiles\\expressdl.exe"="C:\\Program Files\\ExpressFiles\\expressdl.exe:*:Enabled:Express Files"
"C:\\Program Files\\ExpressFiles\\ExpressFiles.exe"="C:\\Program Files\\ExpressFiles\\ExpressFiles.exe:*:Enabled:Express Files"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-11-2013
Ran by Uživatel (administrator) on KP-ADAPTECH_ZMT on 30-11-2013 02:12:47
Running from C:\Documents and Settings\Uživatel\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 7
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(http://goforfiles.com/) C:\Program Files\GoforFiles\GFFUpdater.exe
() C:\Program Files\ExpressFiles\EFUpdater.exe
(Dolphin Oceanic Ltd.) C:\WINDOWS\system32\dolsrvcbar2.exe
(ABBYY (BIT Software)) C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
() C:\Program Files\AVG SafeGuard toolbar\vprot.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Iminent) C:\Program Files\Iminent\Iminent.exe
(Iminent) C:\Program Files\Iminent\Iminent.Messengers.exe
(Dolphin Oceanic Ltd.) C:\WINDOWS\system32\dolserve.exe
() C:\Program Files\Mobogenie\DaemonProcess.exe
(Kanex Group, Inc.) C:\Program Files\Restore Desktop\RestoreDesktop.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
() C:\WINDOWS\system32\dmwu.exe
(ArcSoft, Inc.) C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Intel) C:\Program Files\Intel\AMT\LMS.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Iminent) C:\Program Files\Common Files\Umbrella\Umbrella.exe
(LemurLeap) C:\Program Files\LemurLeap\bin\utilLemurLeap.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe
() C:\WINDOWS\system32\jmdp\stij.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Documents and Settings\Uživatel\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [177472 2009-05-20] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [3117344 2012-03-07] (ESET)
HKLM\...\Run: [SweetIM] - C:\Program Files\SweetIM\Messenger\SweetIM.exe [115032 2012-10-04] (SweetIM Technologies Ltd.)
HKLM\...\Run: [Sweetpacks Communicator] - C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2285232 2013-08-12] ()
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1673680 2013-10-16] (APN)
HKLM\...\Run: [Iminent] - C:\Program Files\Iminent\Iminent.exe [1074736 2013-11-17] (Iminent)
HKLM\...\Run: [IminentMessenger] - C:\Program Files\Iminent\Iminent.Messengers.exe [884784 2013-11-17] (Iminent)
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [746176 2013-10-30] ()
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [RestoreDesktop] - C:\Program Files\Restore Desktop\RestoreDesktop.exe [45056 2003-03-11] (Kanex Group, Inc.)
HKCU\...\Run: [Sony Ericsson PC Companion] - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [433872 2011-10-21] (Sony Ericsson)
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Documents and Settings\Uživatel\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Documents and Settings\Uživatel\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\Tonda\...\Run: [RestoreDesktop] - C:\Program Files\Restore Desktop\RestoreDesktop.exe [ 2003-03-11] (Kanex Group, Inc.)
HKU\Tonda\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [ 2007-06-27] (Nero AG)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe (ArcSoft, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dosearches.com/?utm_source=b ... 1384190733
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_s ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dosearches.com/?utm_source=b ... 1384190733
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
URLSearchHook: HKCU - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 1A920EA667}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 1A920EA667}
SearchScopes: HKCU - DefaultScope A7764E2C-6180-4216-BF1E-D99663DE906D URL = http://tuvaro.com/ws/?source=e0c8d0ad&t ... earchTerms}
SearchScopes: HKCU - A7764E2C-6180-4216-BF1E-D99663DE906D URL = http://tuvaro.com/ws/?source=e0c8d0ad&t ... earchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 1a920ea667
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?clien ... 24C04F8B30
SearchScopes: HKCU - {6B89C297-C0F5-42D7-BCCF-3E2DD5264166} URL = http://search.aol.com/aol/search?s_it=t ... earchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2504091
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://mysearch.sweetpacks.com?src=6&q= ... ms}&barid=&
BHO: YoutubeAdblocker - {2EF201BC-801B-E71C-A77C-1D836AF81E62} - C:\Program Files\YoutubeAdblocker\NbOj.dll ()
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: surf! and keeeep - {516B83F0-A7BC-5D35-D554-9E82382602C5} - C:\Program Files\surf! and keeeep\Pc37WaAVUG.dll ()
BHO: No Name - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Better-Surf - {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files\Better-Surf\ie\BetterSrf.dll ()
BHO: Skype Plug-In - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
Toolbar: HKCU - Vuze Remote Toolbar - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.4.0\ViProtocol.dll (AVG Secure Search)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8466944 2012-06-08] (Microsoft Corporation)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\\npsitesafety.dll (AVG Technologies)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Documents and Settings\Uživatel\Data aplikací\Facebook\npfbplugin_1_0_3.dll ( )
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF Extension: gophoto - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files\BetterSurf\ff
FF Extension: BetterSurf - C:\Program Files\BetterSurf\ff
FF HKLM\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files\Better-Surf\ff
FF Extension: Better-Surf - C:\Program Files\Better-Surf\ff
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR DefaultSearchURL: (SearchTheWeb) - http://mysearch.sweetpacks.com?src=6&q= ... ms}&barid=&
CHR DefaultSuggestURL: (SearchTheWeb) - "suggest_url": "",
CHR Extension: (Ask Toolbar) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk\25.60699_0
CHR Extension: (surf and keep) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\amgnnaiegfgokfjjccpkhgaonpekgekh\2.19
CHR Extension: (Seznam Li\u0161ti\u010Dka - Email) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Slovn\u00EDk) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0
CHR Extension: (YoutubeBookmark) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\cjhbhcfgkbdjeeahkogbdapgoagkhdml\1.0
CHR Extension: (BetterSurf) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap\1.0_0
CHR Extension: (YoutubeAdblocker) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\egfolfcapndkplcigdpbkpheejmmcalg\1.0
CHR Extension: (Iminent) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\7.48.1.1_0
CHR Extension: (SweetIM for Facebook) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0
CHR Extension: (Google Wallet) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (SweetPacks Chrome Extension) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0
CHR Extension: (GoPhoto.it) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.6_0
CHR Extension: (Iminent Chrome Toolbar) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0
CHR Extension: (BetterSrf) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0
CHR HKLM\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx
CHR HKLM\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files\BetterSurf\ch\Chrome.crx
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx
CHR HKLM\...\Chrome\Extension: [jlnfdbbladgcmhhamgkioifhbobjaoof] - C:\Program Files\LemurLeap\jlnfdbbladgcmhhamgkioifhbobjaoof.crx
CHR HKLM\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Torch\Plugins\TorchPlugin.crx
CHR HKLM\...\Chrome\Extension: [lobcfhikamnhhjafcmphmojifjekbgma] - C:\Documents and Settings\All Users\Data aplikací\Click2Save\lobcfhikamnhhjafcmphmojifjekbgma.crx
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Data aplikací\\ChromeExt\\avg.crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\System32\jmdp\SweetNT.crx
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit16.crx
CHR HKLM\...\Chrome\Extension: [pkhojieggfgllhllcegoffdcnmdeojgb] - C:\Program Files\IminentToolbar\1.8.26.8\iminent.crx
CHR HKLM\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files\Better-Surf\ch\Chrome.crx
========================== Services (Whitelisted) =================
R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY (BIT Software))
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-16] (APN LLC.)
S2 ca82e1a5; C:\Program Files\Optimizer Pro\OptProCrash.exe [143488 2013-11-29] ()
R2 DolphinCBarSrv2; C:\WINDOWS\system32\dolsrvcbar2.exe [258048 2008-01-08] (Dolphin Oceanic Ltd.)
R2 DolphinInterceptorStartup; C:\WINDOWS\system32\dolserve.exe [270336 2008-01-04] (Dolphin Oceanic Ltd.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [913144 2012-03-07] (ESET)
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1432368 2013-10-15] ()
R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [98304 2006-07-29] (Intel)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] ()
S3 Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [155344 2011-06-29] (Avanquest Software)
R2 SProtection; C:\Program Files\Common Files\Umbrella\umbrella.exe [2905408 2013-11-17] (Iminent)
S2 Update LemurLeap; C:\Program Files\LemurLeap\updateLemurLeap.exe [65312 2013-10-03] (LemurLeap)
R2 Util LemurLeap; C:\Program Files\LemurLeap\bin\utilLemurLeap.exe [65312 2013-10-03] (LemurLeap)
R2 vToolbarUpdater15.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [1616048 2013-08-12] (AVG Secure Search)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
S3 winvnc; C:\Program Files\Odborná pomoc Adaptech\WinVNC.exe [643072 2008-01-17] ()
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
==================== Drivers (Whitelisted) ====================
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 ASAPIW2k; C:\Windows\System32\drivers\ASAPIW2k.sys [11264 2003-12-04] (Pinnacle Systems GmbH)
S3 AtcL001; C:\Windows\System32\DRIVERS\l151x86.sys [39424 2007-07-03] (Atheros Communications Inc.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-08-12] (AVG Technologies)
R3 AVHybrid; C:\Windows\System32\DRIVERS\AVHybrid.sys [834816 2007-01-31] ()
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [31896 2005-11-25] (DemoForge, LLC)
R1 eamon; C:\Windows\System32\DRIVERS\eamon.sys [160816 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [120152 2012-03-14] (ESET)
R1 epfwtdir; C:\Windows\System32\DRIVERS\epfwtdir.sys [104160 2012-03-14] (ESET)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [24209 2004-10-29] (FTDI Ltd.)
R2 hlwinnt; C:\WINDOWS\system32\hlwinnt.sys [5248 2002-12-30] ()
R3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25624 2008-12-16] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-12-17] (Logitech Inc.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 pctvvbi; C:\Windows\System32\DRIVERS\pctvvbi.sys [6400 2002-11-11] (Pinnacle Systems)
R3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-12-17] (Logitech Inc.)
R3 Pfc; C:\Windows\System32\drivers\pfc.sys [14604 2002-06-17] (Padus, Inc.)
R3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2686104 2008-12-17] (Logitech Inc.)
R1 prodrv06; C:\Windows\System32\drivers\prodrv06.sys [79488 2004-05-13] (Protection Technology)
R0 prohlp02; C:\Windows\System32\drivers\prohlp02.sys [111808 2004-05-13] (Protection Technology)
R0 prosync1; C:\Windows\System32\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S2 ROB_A; C:\Windows\System32\DRIVERS\rob_a.sys [17664 2003-02-10] (Pinnacle Systems GmbH)
S2 ROB_V; C:\Windows\System32\drivers\rob_v.sys [125568 2003-04-11] (Pinnacle Systems GmbH)
R3 SenFiltService; C:\Windows\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura)
R0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [63352 2006-07-05] (Protection Technology (StarForce))
R0 sfhlp01; C:\Windows\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-12-15] (The OpenVPN Project)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8064 2008-09-15] (Windows (R) Codename Longhorn DDK provider)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8064 2008-09-15] (Windows (R) Codename Longhorn DDK provider)
S3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023k.sys [11136 2002-08-12] (Microsoft Corporation)
R1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [15872 2006-01-13] (Flint Incorporation)
R3 catchme; \??\C:\ComboFix\catchme.sys [x]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 mbr; \??\C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\mbr.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-30 02:12 - 2013-11-30 02:13 - 00025004 _____ C:\Documents and Settings\Uživatel\Plocha\FRST.txt
2013-11-30 02:10 - 2013-11-30 02:10 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Uživatel\Plocha\FRSTLauncher.exe
2013-11-30 02:09 - 2013-11-30 02:07 - 01092049 _____ (Farbar) C:\Documents and Settings\Uživatel\Plocha\FRST.exe
2013-11-30 02:08 - 2013-11-30 02:08 - 00000000 ____D C:\FRST
2013-11-30 01:46 - 2013-11-30 01:46 - 00027701 _____ C:\ComboFix.txt
2013-11-30 01:39 - 2013-11-30 01:39 - 00000000 ____H C:\WINDOWS\system32\config\system.tmp.LOG
2013-11-30 01:39 - 2013-11-30 01:39 - 00000000 ____H C:\WINDOWS\system32\config\software.tmp.LOG
2013-11-30 01:39 - 2013-11-30 01:39 - 00000000 ____H C:\WINDOWS\system32\config\SAM.tmp.LOG
2013-11-30 01:39 - 2013-11-30 01:39 - 00000000 ____H C:\WINDOWS\system32\config\default.tmp.LOG
2013-11-30 01:38 - 2013-11-30 01:38 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2013-11-30 01:32 - 2013-11-30 01:32 - 00000000 _RSHD C:\cmdcons
2013-11-30 01:32 - 2009-07-30 16:33 - 00000212 _____ C:\Boot.bak
2013-11-30 01:32 - 2004-08-03 23:00 - 00261312 __RSH C:\cmldr
2013-11-30 01:27 - 2013-11-30 01:46 - 00000000 ____D C:\Qoobox
2013-11-30 01:27 - 2013-11-30 01:45 - 00000000 ____D C:\WINDOWS\erdnt
2013-11-30 01:27 - 2013-11-30 01:27 - 00000000 ___RD C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Nástroje pro správu
2013-11-30 01:27 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-11-30 01:27 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-11-30 01:27 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-11-30 01:27 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-11-30 01:27 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-11-30 01:27 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-11-30 01:27 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-11-30 01:27 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-11-30 01:27 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-11-30 01:23 - 2013-11-30 01:23 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Max Secure Software
2013-11-30 01:22 - 2013-11-30 01:23 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\GetRightToGo
2013-11-29 17:20 - 2013-11-29 17:20 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\YoutubeBookmark
2013-11-29 17:19 - 2013-11-29 17:20 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\cae6101d751a7770
2013-11-29 17:19 - 2013-11-29 17:19 - 00001618 _____ C:\Documents and Settings\All Users\Plocha\EZDownloader.lnk
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\WINDOWS\system32\AMD64
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Program Files\YoutubeAdblocker
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Program Files\surf! and keeeep
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Program Files\EZDownloader
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\EZDownloader
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\YoutubeAdblocker
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\surf! and keeeep
2013-11-29 16:12 - 2013-11-29 16:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Scientific Software
2013-11-29 16:00 - 2013-11-29 16:00 - 00000621 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2013-11-29 16:00 - 2013-11-29 16:00 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Iminent
2013-11-29 15:44 - 2013-11-30 01:40 - 00000290 _____ C:\WINDOWS\Tasks\Express FilesUpdate.job
2013-11-29 15:44 - 2013-11-29 15:44 - 00001618 _____ C:\Documents and Settings\All Users\Plocha\Express Files.lnk
2013-11-29 15:44 - 2013-11-29 15:44 - 00001152 _____ C:\Documents and Settings\Uživatel\Plocha\Continue App of the Day.lnk
2013-11-29 15:44 - 2013-11-29 15:44 - 00000000 ____D C:\Program Files\ExpressFiles
2013-11-29 15:44 - 2013-11-29 15:44 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\ExpressFiles
2013-11-29 15:44 - 2013-11-29 15:44 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\ExpressFiles
2013-11-29 15:35 - 2013-11-29 15:35 - 00000743 _____ C:\Documents and Settings\Uživatel\Plocha\Optimizer Pro.lnk
2013-11-29 15:35 - 2013-11-29 15:35 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Optimizer Pro
2013-11-29 15:35 - 2013-11-29 15:35 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Optimizer Pro
2013-11-29 15:35 - 2013-11-29 15:35 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Optimizer Pro v3.2
2013-11-29 15:34 - 2013-11-30 01:39 - 00005620 _____ C:\Documents and Settings\Uživatel\daemonprocess.txt
2013-11-29 15:34 - 2013-11-29 20:44 - 00000000 ____D C:\Program Files\Optimizer Pro
2013-11-29 15:34 - 2013-11-29 15:49 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Mobogenie
2013-11-29 15:34 - 2013-11-29 15:34 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\cache
2013-11-29 15:34 - 2013-11-29 15:34 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Mobogenie
2013-11-29 15:34 - 2013-11-29 15:34 - 00000000 ____D C:\Documents and Settings\Uživatel\.android
2013-11-29 15:33 - 2013-11-29 15:34 - 00000000 ____D C:\Program Files\Mobogenie
2013-11-29 15:33 - 2013-11-29 15:33 - 00000700 _____ C:\Documents and Settings\Uživatel\Plocha\Mobogenie.lnk
2013-11-29 15:33 - 2013-11-29 15:33 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Mobogenie
2013-11-29 15:31 - 2013-11-29 16:00 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\iminent
2013-11-29 15:31 - 2013-11-29 15:31 - 00000000 ____D C:\Program Files\IminentToolbar
2013-11-29 15:31 - 2013-11-29 15:31 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\SIEN SA
2013-11-29 15:30 - 2013-11-29 16:00 - 00000000 ____D C:\Program Files\Iminent
2013-11-29 15:30 - 2013-11-29 15:30 - 00000000 ____D C:\Program Files\Common Files\Umbrella
2013-11-29 15:30 - 2013-11-29 15:30 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Iminent
2013-11-29 15:29 - 2013-11-30 01:42 - 00001290 _____ C:\WINDOWS\Tasks\Torntv V6.0-updater.job
2013-11-29 15:29 - 2013-11-30 01:40 - 00001888 _____ C:\WINDOWS\Tasks\Torntv V6.0-chromeinstaller.job
2013-11-29 15:29 - 2013-11-29 16:31 - 00000692 _____ C:\Documents and Settings\Uživatel\Plocha\TornTV.lnk
2013-11-29 15:29 - 2013-11-29 16:31 - 00000000 ____D C:\Program Files\TornTV.com
2013-11-29 15:29 - 2013-11-29 15:29 - 00000000 ____D C:\Program Files\Torntv V6.0
2013-11-29 15:29 - 2013-11-29 15:29 - 00000000 ____D C:\Program Files\Gophoto.it
2013-11-29 15:29 - 2013-11-29 15:29 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\TornTV.com
2013-11-29 15:29 - 2013-11-29 15:29 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Mozilla
2013-11-25 15:51 - 2013-11-25 15:51 - 00000000 ____D C:\Program Files\Better-Surf
2013-11-14 19:02 - 2013-11-14 19:02 - 00000000 ____D C:\Program Files\BetterSurf
2013-11-14 19:02 - 2013-11-14 19:02 - 00000000 _____ C:\extensions.sqlite
2013-11-14 08:14 - 2013-11-14 08:14 - 00011799 _____ C:\WINDOWS\KB2900986.log
2013-11-14 08:14 - 2013-11-14 08:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 08:14 - 2013-11-14 08:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 08:14 - 2013-11-14 08:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 08:13 - 2013-11-14 08:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 07:28 - 2013-11-14 08:14 - 00018269 _____ C:\WINDOWS\KB2868626.log
2013-11-14 07:27 - 2013-11-14 08:14 - 00017235 _____ C:\WINDOWS\KB2862152.log
2013-11-14 07:27 - 2013-11-14 08:13 - 00107450 _____ C:\WINDOWS\KB2888505-IE7.log
2013-11-14 07:26 - 2013-11-14 08:13 - 00010822 _____ C:\WINDOWS\KB2876331.log
2013-11-11 18:53 - 2013-11-30 01:40 - 00000282 _____ C:\WINDOWS\Tasks\GoforFilesUpdate.job
2013-11-11 18:53 - 2013-11-11 18:53 - 00001586 _____ C:\Documents and Settings\All Users\Plocha\GoforFiles.lnk
2013-11-11 18:53 - 2013-11-11 18:53 - 00000000 ____D C:\Program Files\GoforFiles
2013-11-11 18:53 - 2013-11-11 18:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\GoforFiles
2013-11-11 18:53 - 2013-11-11 18:53 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\GoforFiles
2013-11-11 18:40 - 2013-11-11 18:40 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Scientific Software
2013-11-11 18:40 - 2013-11-11 18:40 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Scientific Software
2013-11-11 18:38 - 2013-11-11 18:38 - 00000000 ____D C:\Program Files\Scientific Software
2013-11-11 18:38 - 2013-11-11 18:38 - 00000000 ____D C:\Documents and Settings\All Users\Dokumenty\Scientific Software
2013-11-11 18:38 - 2013-11-11 18:38 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Scientific Software
2013-11-11 18:26 - 2013-11-22 18:55 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\eSafe
==================== One Month Modified Files and Folders =======
2013-11-30 02:13 - 2013-11-30 02:12 - 00025004 _____ C:\Documents and Settings\Uživatel\Plocha\FRST.txt
2013-11-30 02:12 - 2008-02-11 17:06 - 00000000 ___HD C:\Documents and Settings\Uživatel\Local Settings\Data aplikací
2013-11-30 02:12 - 2008-02-11 17:06 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha
2013-11-30 02:10 - 2013-11-30 02:10 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Uživatel\Plocha\FRSTLauncher.exe
2013-11-30 02:10 - 2009-04-03 17:36 - 00000392 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{741F0712-FD23-48B2-861B-F2B0FFD46226}.job
2013-11-30 02:10 - 2008-02-13 10:34 - 00000398 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{F4B8F9A5-2842-43AE-8206-D58A0C9C3AF5}.job
2013-11-30 02:08 - 2013-11-30 02:08 - 00000000 ____D C:\FRST
2013-11-30 02:07 - 2013-11-30 02:09 - 01092049 _____ (Farbar) C:\Documents and Settings\Uživatel\Plocha\FRST.exe
2013-11-30 02:05 - 2008-02-11 17:05 - 00032636 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-30 02:05 - 2008-02-11 17:02 - 01839302 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-30 02:03 - 2012-05-05 20:59 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-30 01:56 - 2009-04-23 19:33 - 00000330 ____H C:\WINDOWS\Tasks\MP Scheduled Scan.job
2013-11-30 01:46 - 2013-11-30 01:46 - 00027701 _____ C:\ComboFix.txt
2013-11-30 01:46 - 2013-11-30 01:27 - 00000000 ____D C:\Qoobox
2013-11-30 01:46 - 2013-09-01 20:58 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Seznam.cz
2013-11-30 01:45 - 2013-11-30 01:27 - 00000000 ____D C:\WINDOWS\erdnt
2013-11-30 01:42 - 2013-11-29 15:29 - 00001290 _____ C:\WINDOWS\Tasks\Torntv V6.0-updater.job
2013-11-30 01:42 - 2007-08-02 13:00 - 00012598 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-30 01:41 - 2008-02-11 03:13 - 00000157 _____ C:\WINDOWS\wiadebug.log
2013-11-30 01:41 - 2008-02-11 03:13 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-30 01:41 - 2007-08-02 13:00 - 00000324 _____ C:\WINDOWS\system.ini
2013-11-30 01:40 - 2013-11-29 15:44 - 00000290 _____ C:\WINDOWS\Tasks\Express FilesUpdate.job
2013-11-30 01:40 - 2013-11-29 15:29 - 00001888 _____ C:\WINDOWS\Tasks\Torntv V6.0-chromeinstaller.job
2013-11-30 01:40 - 2013-11-11 18:53 - 00000282 _____ C:\WINDOWS\Tasks\GoforFilesUpdate.job
2013-11-30 01:40 - 2012-11-25 20:51 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-30 01:40 - 2008-02-11 17:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-30 01:39 - 2013-11-30 01:39 - 00000000 ____H C:\WINDOWS\system32\config\system.tmp.LOG
2013-11-30 01:39 - 2013-11-30 01:39 - 00000000 ____H C:\WINDOWS\system32\config\software.tmp.LOG
2013-11-30 01:39 - 2013-11-30 01:39 - 00000000 ____H C:\WINDOWS\system32\config\SAM.tmp.LOG
2013-11-30 01:39 - 2013-11-30 01:39 - 00000000 ____H C:\WINDOWS\system32\config\default.tmp.LOG
2013-11-30 01:39 - 2013-11-29 15:34 - 00005620 _____ C:\Documents and Settings\Uživatel\daemonprocess.txt
2013-11-30 01:39 - 2008-02-11 17:06 - 00000178 ___SH C:\Documents and Settings\Uživatel\ntuser.ini
2013-11-30 01:39 - 2008-02-11 03:12 - 00290816 _____ C:\WINDOWS\system32\config\SECURITY.bak
2013-11-30 01:39 - 2008-02-11 03:12 - 00028672 _____ C:\WINDOWS\system32\config\SAM.bak
2013-11-30 01:39 - 2008-02-11 03:11 - 43778048 _____ C:\WINDOWS\system32\config\software.bak
2013-11-30 01:39 - 2008-02-11 03:11 - 08388608 _____ C:\WINDOWS\system32\config\system.bak
2013-11-30 01:39 - 2008-02-11 03:11 - 00524288 _____ C:\WINDOWS\system32\config\default.bak
2013-11-30 01:38 - 2013-11-30 01:38 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2013-11-30 01:34 - 2008-02-11 17:06 - 00000000 __RHD C:\Documents and Settings\Uživatel\Data aplikací
2013-11-30 01:32 - 2013-11-30 01:32 - 00000000 _RSHD C:\cmdcons
2013-11-30 01:32 - 2008-02-11 03:11 - 00000328 __RSH C:\boot.ini
2013-11-30 01:27 - 2013-11-30 01:27 - 00000000 ___RD C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Nástroje pro správu
2013-11-30 01:27 - 2008-02-11 17:06 - 00000000 ___RD C:\Documents and Settings\Uživatel\Nabídka Start\Programy
2013-11-30 01:23 - 2013-11-30 01:23 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Max Secure Software
2013-11-30 01:23 - 2013-11-30 01:22 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\GetRightToGo
2013-11-30 01:21 - 2012-11-25 20:51 - 00000944 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-29 20:44 - 2013-11-29 15:34 - 00000000 ____D C:\Program Files\Optimizer Pro
2013-11-29 17:32 - 2008-02-11 22:39 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-11-29 17:20 - 2013-11-29 17:20 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\YoutubeBookmark
2013-11-29 17:20 - 2013-11-29 17:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\cae6101d751a7770
2013-11-29 17:20 - 2008-02-11 03:12 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-11-29 17:19 - 2013-11-29 17:19 - 00001618 _____ C:\Documents and Settings\All Users\Plocha\EZDownloader.lnk
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\WINDOWS\system32\AMD64
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Program Files\YoutubeAdblocker
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Program Files\surf! and keeeep
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Program Files\EZDownloader
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\EZDownloader
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\YoutubeAdblocker
2013-11-29 17:19 - 2013-11-29 17:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\surf! and keeeep
2013-11-29 17:19 - 2008-02-11 03:12 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-11-29 17:19 - 2008-02-11 03:12 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-11-29 17:18 - 2013-08-21 23:02 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\InstallMate
2013-11-29 16:51 - 2008-02-11 17:06 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty\Hudba
2013-11-29 16:50 - 2013-08-12 22:19 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\DVDVideoSoft
2013-11-29 16:31 - 2013-11-29 15:29 - 00000692 _____ C:\Documents and Settings\Uživatel\Plocha\TornTV.lnk
2013-11-29 16:31 - 2013-11-29 15:29 - 00000000 ____D C:\Program Files\TornTV.com
2013-11-29 16:12 - 2013-11-29 16:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Scientific Software
2013-11-29 16:00 - 2013-11-29 16:00 - 00000621 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2013-11-29 16:00 - 2013-11-29 16:00 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Iminent
2013-11-29 16:00 - 2013-11-29 15:31 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\iminent
2013-11-29 16:00 - 2013-11-29 15:30 - 00000000 ____D C:\Program Files\Iminent
2013-11-29 15:49 - 2013-11-29 15:34 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Mobogenie
2013-11-29 15:44 - 2013-11-29 15:44 - 00001618 _____ C:\Documents and Settings\All Users\Plocha\Express Files.lnk
2013-11-29 15:44 - 2013-11-29 15:44 - 00001152 _____ C:\Documents and Settings\Uživatel\Plocha\Continue App of the Day.lnk
2013-11-29 15:44 - 2013-11-29 15:44 - 00000000 ____D C:\Program Files\ExpressFiles
2013-11-29 15:44 - 2013-11-29 15:44 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\ExpressFiles
2013-11-29 15:44 - 2013-11-29 15:44 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\ExpressFiles
2013-11-29 15:44 - 2008-02-11 03:12 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start
2013-11-29 15:39 - 2008-02-11 03:12 - 01146086 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-29 15:35 - 2013-11-29 15:35 - 00000743 _____ C:\Documents and Settings\Uživatel\Plocha\Optimizer Pro.lnk
2013-11-29 15:35 - 2013-11-29 15:35 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Optimizer Pro
2013-11-29 15:35 - 2013-11-29 15:35 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Optimizer Pro
2013-11-29 15:35 - 2013-11-29 15:35 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Optimizer Pro v3.2
2013-11-29 15:35 - 2008-02-11 17:06 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty
2013-11-29 15:34 - 2013-11-29 15:34 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\cache
2013-11-29 15:34 - 2013-11-29 15:34 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Mobogenie
2013-11-29 15:34 - 2013-11-29 15:34 - 00000000 ____D C:\Documents and Settings\Uživatel\.android
2013-11-29 15:34 - 2013-11-29 15:33 - 00000000 ____D C:\Program Files\Mobogenie
2013-11-29 15:34 - 2008-02-11 17:06 - 00000000 ____D C:\Documents and Settings\Uživatel
2013-11-29 15:33 - 2013-11-29 15:33 - 00000700 _____ C:\Documents and Settings\Uživatel\Plocha\Mobogenie.lnk
2013-11-29 15:33 - 2013-11-29 15:33 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Mobogenie
2013-11-29 15:33 - 2008-02-12 16:10 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-11-29 15:31 - 2013-11-29 15:31 - 00000000 ____D C:\Program Files\IminentToolbar
2013-11-29 15:31 - 2013-11-29 15:31 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\SIEN SA
2013-11-29 15:30 - 2013-11-29 15:30 - 00000000 ____D C:\Program Files\Common Files\Umbrella
2013-11-29 15:30 - 2013-11-29 15:30 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Iminent
2013-11-29 15:29 - 2013-11-29 15:29 - 00000000 ____D C:\Program Files\Torntv V6.0
2013-11-29 15:29 - 2013-11-29 15:29 - 00000000 ____D C:\Program Files\Gophoto.it
2013-11-29 15:29 - 2013-11-29 15:29 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\TornTV.com
2013-11-29 15:29 - 2013-11-29 15:29 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Mozilla
2013-11-25 15:51 - 2013-11-25 15:51 - 00000000 ____D C:\Program Files\Better-Surf
2013-11-23 16:32 - 2010-12-19 16:42 - 00252037 _____ C:\WINDOWS\setupapi.log
2013-11-22 18:55 - 2013-11-11 18:26 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\eSafe
2013-11-22 07:44 - 2009-05-23 12:25 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\dvdcss
2013-11-17 22:48 - 2012-10-07 19:18 - 00000000 ____D C:\Program Files\Vuze_Remote
2013-11-17 22:48 - 2012-10-07 19:18 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Vuze_Remote
2013-11-17 22:47 - 2011-06-17 19:24 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\PriceGong
2013-11-17 22:40 - 2010-03-15 20:48 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Conduit
2013-11-14 19:02 - 2013-11-14 19:02 - 00000000 ____D C:\Program Files\BetterSurf
2013-11-14 19:02 - 2013-11-14 19:02 - 00000000 _____ C:\extensions.sqlite
2013-11-14 08:14 - 2013-11-14 08:14 - 00011799 _____ C:\WINDOWS\KB2900986.log
2013-11-14 08:14 - 2013-11-14 08:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 08:14 - 2013-11-14 08:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 08:14 - 2013-11-14 08:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 08:14 - 2013-11-14 07:28 - 00018269 _____ C:\WINDOWS\KB2868626.log
2013-11-14 08:14 - 2013-11-14 07:27 - 00017235 _____ C:\WINDOWS\KB2862152.log
2013-11-14 08:14 - 2008-02-12 16:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-11-14 08:14 - 2008-02-11 22:24 - 00412835 _____ C:\WINDOWS\updspapi.log
2013-11-14 08:14 - 2008-02-11 03:12 - 02856431 _____ C:\WINDOWS\FaxSetup.log
2013-11-14 08:14 - 2008-02-11 03:12 - 01385681 _____ C:\WINDOWS\ocgen.log
2013-11-14 08:14 - 2008-02-11 03:12 - 01318266 _____ C:\WINDOWS\tsoc.log
2013-11-14 08:14 - 2008-02-11 03:12 - 01145852 _____ C:\WINDOWS\iis6.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00931029 _____ C:\WINDOWS\comsetup.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00563729 _____ C:\WINDOWS\ntdtcsetup.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00502166 ____C C:\WINDOWS\netfxocm.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00199435 ____C C:\WINDOWS\MedCtrOC.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00171678 _____ C:\WINDOWS\ocmsn.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00144199 _____ C:\WINDOWS\tabletoc.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00143575 _____ C:\WINDOWS\msgsocm.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00001393 _____ C:\WINDOWS\imsins.log
2013-11-14 08:14 - 2008-02-11 03:12 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-11-14 08:13 - 2013-11-14 08:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 08:13 - 2013-11-14 07:27 - 00107450 _____ C:\WINDOWS\KB2888505-IE7.log
2013-11-14 08:13 - 2013-11-14 07:26 - 00010822 _____ C:\WINDOWS\KB2876331.log
2013-11-14 08:12 - 2013-08-15 01:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-14 08:09 - 2008-02-11 22:29 - 80340640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-11 18:53 - 2013-11-11 18:53 - 00001586 _____ C:\Documents and Settings\All Users\Plocha\GoforFiles.lnk
2013-11-11 18:53 - 2013-11-11 18:53 - 00000000 ____D C:\Program Files\GoforFiles
2013-11-11 18:53 - 2013-11-11 18:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\GoforFiles
2013-11-11 18:53 - 2013-11-11 18:53 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\GoforFiles
2013-11-11 18:40 - 2013-11-11 18:40 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Scientific Software
2013-11-11 18:40 - 2013-11-11 18:40 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Scientific Software
2013-11-11 18:38 - 2013-11-11 18:38 - 00000000 ____D C:\Program Files\Scientific Software
2013-11-11 18:38 - 2013-11-11 18:38 - 00000000 ____D C:\Documents and Settings\All Users\Dokumenty\Scientific Software
2013-11-11 18:38 - 2013-11-11 18:38 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Scientific Software
2013-11-11 18:38 - 2008-02-11 03:12 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty
2013-11-11 18:25 - 2008-02-27 09:47 - 00001097 _____ C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Internet Explorer.lnk
2013-11-11 05:50 - 2009-10-03 00:31 - 00230048 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Documents and Settings\Tonda\Local Settings\Temp\AUMgr.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\comver.dll
C:\Documents and Settings\Tonda\Local Settings\Temp\GoogleChromeInstaller.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\gtapi.dll
C:\Documents and Settings\Tonda\Local Settings\Temp\InstallCasino.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\jre-6u11-windows-i586-p-iftw_196cf524.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\Nokia_PC_Suite_7_1_18_0_cze.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\Nokia_PC_Suite_7_1_26_0_cze.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\patch_2.1.5.2004.en_2.1.5.2010.en.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\qc_quickcam.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\SecurityScan_Release.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_is104.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_is132.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_is1A6.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_is2.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_is26D.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_is304.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_is308.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_is747.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_isA4.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_isA8.exe
C:\Documents and Settings\Tonda\Local Settings\Temp\_unps.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2007-08-02 13:00] - [2008-04-14 04:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1
C:\Windows\System32\winlogon.exe
[2007-08-02 13:00] - [2008-04-14 04:22] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea
C:\Windows\System32\svchost.exe
[2007-08-02 13:00] - [2008-04-14 04:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93
C:\Windows\System32\services.exe
[2007-08-02 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7
C:\Windows\System32\User32.dll
[2007-08-02 13:00] - [2008-04-14 04:22] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53
C:\Windows\System32\userinit.exe
[2007-08-02 13:00] - [2008-04-14 04:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239
C:\Windows\System32\Drivers\volsnap.sys
[2007-08-02 13:00] - [2008-04-14 03:12] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Express FilesUpdate.job => C:\Program Files\ExpressFiles\EFUpdater.exe
Task: C:\WINDOWS\Tasks\GoforFilesUpdate.job => C:\Program Files\GoforFiles\GFFUpdater.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MP Scheduled Scan.job => C:\Program Files\Windows Defender\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\Torntv V6.0-chromeinstaller.job => C:\Program Files\Torntv V6.0\Torntv V6.0-chromeinstaller.exe
Task: C:\WINDOWS\Tasks\Torntv V6.0-updater.job => C:\Program Files\Torntv V6.0\Torntv V6.0-updater.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{741F0712-FD23-48B2-861B-F2B0FFD46226}.job => C:\WINDOWS\system32\msfeedssync.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{F4B8F9A5-2842-43AE-8206-D58A0C9C3AF5}.job => C:\WINDOWS\system32\msfeedssync.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\msadws.theme:NTOSCHK
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:373E1720
==================== Security Center ==================
AV: ESET NOD32 Antivirus 5.2 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\Uživatel\Plocha" je 943 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\$Volumouse$
"C:\Program Files\Volumouse\volumouse.exe" /nodlg [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
C:\WINDOWS\system32\ctfmon.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE
C:\WINDOWS\system32\hkcmd.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
C:\WINDOWS\system32\igfxtray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
"C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
C:\WINDOWS\system32\igfxpers.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
C:\Program Files\Restore Desktop\RestoreDesktop.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RestoreDesktop
"C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL
C:\Program Files\Analog Devices\Core\smax4pnp.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX
"C:\Program Files\Windows Defender\MSASCui.exe" -hide [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP
"C:\Program Files\Odborn pomoc Adaptech\WinVNC.exe" -servicehelper [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender
Režim ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinVNC
Režim ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Pinnacle Scheduler.lnk
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\SCHEDU~1\PCLESC~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^VirtuaWin.lnk
C:\PROGRA~1\VIRTUA~1\VIRTUA~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WinKey.lnk
C:\PROGRA~1\WinKey\WinKey.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WinZip Quick Pick.lnk
C:\PROGRA~1\WinZip\WZQKPICK.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
"C:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe"="C:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe:*:Enabled:iMesh"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"="C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Pinnacle\\Pinnacle PCTV\\TeleText\\WebServer.exe"="C:\\Program Files\\Pinnacle\\Pinnacle PCTV\\TeleText\\WebServer.exe:*:Enabled:WebServer"
"C:\\Program Files\\totalcmd\\TOTALCMD.EXE"="C:\\Program Files\\totalcmd\\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\\Program Files\\eclipse\\eclipse.exe"="C:\\Program Files\\eclipse\\eclipse.exe:*:Enabled:eclipse"
"C:\\Documents and Settings\\Tonda\\Plocha\\YuLeech-RunesofMagic2_0_1_1821-de.exe"="C:\\Documents and Settings\\Tonda\\Plocha\\YuLeech-RunesofMagic2_0_1_1821-de.exe:*:Enabled:FOG Downloader"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\ArcSoft\\TotalMedia 3\\TotalMedia.exe"="C:\\Program Files\\ArcSoft\\TotalMedia 3\\TotalMedia.exe:LocalSubNet:Enabled:ArcSoft TotalMedia 3"
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"="C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"="C:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Vuze\\Azureus.exe"="C:\\Program Files\\Vuze\\Azureus.exe:*:Enabled:Azureus / Vuze"
"C:\\Program Files\\ESET\\ESET NOD32 Antivirus\\egui.exe"="C:\\Program Files\\ESET\\ESET NOD32 Antivirus\\egui.exe:*:Enabled:ESET NOD32 Antivirus"
"C:\\WINDOWS\\system32\\msiexec.exe"="C:\\WINDOWS\\system32\\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\\Program Files\\SweetIM\\Communicator\\SweetPacksUpdateManager.exe"="C:\\Program Files\\SweetIM\\Communicator\\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager"
"C:\\WINDOWS\\system32\\dmwu.exe"="C:\\WINDOWS\\system32\\dmwu.exe:*:Enabled:dmwu"
"C:\\WINDOWS\\system32\\ARFC\\wrtc.exe"="C:\\WINDOWS\\system32\\ARFC\\wrtc.exe:*:Enabled:wrtc"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
"C:\\Documents and Settings\\All Users\\Data aplikací\\eSafe\\eGdpSvc.exe"="C:\\Documents and Settings\\All Users\\Data aplikací\\eSafe\\eGdpSvc.exe:*:Enabled:WsysSvc"
"C:\\Program Files\\GoforFiles\\goforfilesdl.exe"="C:\\Program Files\\GoforFiles\\goforfilesdl.exe:*:Enabled:GoforFiles"
"C:\\Program Files\\GoforFiles\\GoforFiles.exe"="C:\\Program Files\\GoforFiles\\GoforFiles.exe:*:Enabled:GoforFiles"
"C:\\Program Files\\TornTV.com\\TornTV Downloader.exe"="C:\\Program Files\\TornTV.com\\TornTV Downloader.exe:*:Disabled:TorntvDownloader"
"C:\\Program Files\\Iminent\\Iminent.exe"="C:\\Program Files\\Iminent\\Iminent.exe:*:Enabled:Iminent Firewall Rule"
"C:\\Program Files\\Iminent\\Iminent.Messengers.exe"="C:\\Program Files\\Iminent\\Iminent.Messengers.exe:*:Enabled:Iminent.Messengers Firewall Rule"
"C:\\Program Files\\ExpressFiles\\expressdl.exe"="C:\\Program Files\\ExpressFiles\\expressdl.exe:*:Enabled:Express Files"
"C:\\Program Files\\ExpressFiles\\ExpressFiles.exe"="C:\\Program Files\\ExpressFiles\\ExpressFiles.exe:*:Enabled:Express Files"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================