VIRY.CZ

Zdravím, mám nějakou škodnou v PC, pomůžete prosím....

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-02-2014
Ran by Administrator (administrator) on SD-E475094E471F on 17-02-2014 09:38:18
Running from C:\Documents and Settings\Administrator\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\Brother\BrStMonW.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Acresso Corporation) C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Almico Software (www.almico.com)) C:\Program Files\SpeedFan\speedfan.exe
(SafeNet Inc.) C:\WINDOWS\system32\hasplms.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritService.exe
() C:\Program Files\Pirrit\AutoUpdater.exe
(Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\BrYNSvc.exe
() C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritDesktop.exe
(C. Ghisler & Co.) C:\Program Files\totalcmd\TOTALCMD.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\Administrator\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [77824 2005-09-20] (Intel Corporation)
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)
HKLM\...\Run: [Cmaudio] - RunDll32 cmicnfg.cpl,CMICtrlWnd
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2006-02-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [8523776 2009-02-18] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [81920 2009-02-18] (NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-07] (AVAST Software)
HKLM\...\Run: [IndexSearch] - C:\Program Files\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort12reminder] - C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PDFHook] - C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM\...\Run: [PDF5 Registry Controller] - C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM\...\Run: [ControlCenter4] - C:\Program Files\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsMon00] - C:\Program Files\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-746137067-1035525444-725345543-500\...\Run: [ISUSPM] - C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-746137067-1035525444-725345543-500\...\Run: [DIMProbíhá stahování aktualizace...1300677038363] - c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe [95592 2010-01-13] (Corel Corporation)
Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\SpeedFan.lnk
ShortcutTarget: SpeedFan.lnk -> C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=http://127.0.0.1:9880
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {A8105727-97B2-4B68-8BA5-57150A17B1B3} URL = http://eseeky.com/ws/?source=728386ab?t ... earchTerms}
BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\njvqa4l3.default
FF NewTab: hxxp://www.google.com
FF DefaultSearchEngine: Google SSL
FF SelectedSearchEngine: Google SSL
FF Homepage: chrome://foxcub/content/speedDial/speedDial.html
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\njvqa4l3.default\searchplugins\eseeky-search.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\njvqa4l3.default\searchplugins\google-ssl.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\njvqa4l3.default\searchplugins\googletranslate.xml
FF SearchPlugin: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\njvqa4l3.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\njvqa4l3.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-11-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-14]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-16]
CHR Extension: (Disk Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-16]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-16]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-16]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-16]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-16]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-14]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-07] (AVAST Software)
R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4941768 2012-06-28] (SafeNet Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-01-24] (Oracle Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
U2 PirritDesktop; C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritService.exe [52568 2014-02-14] ()
R2 PirritUpdater; C:\Program Files\Pirrit\AutoUpdater.exe [59904 2014-02-14] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)

==================== Drivers (Whitelisted) ====================

R2 aksfridge; C:\WINDOWS\System32\DRIVERS\aksfridge.sys [362496 2012-06-28] (SafeNet Inc.)
R3 akshasp; C:\WINDOWS\System32\DRIVERS\akshasp.sys [238208 2009-03-13] (Aladdin Knowledge Systems Ltd.)
R3 akshhl; C:\WINDOWS\System32\DRIVERS\akshhl.sys [46720 2011-08-25] (SafeNet Inc.)
R3 aksusb; C:\WINDOWS\System32\DRIVERS\aksusb.sys [289152 2012-06-06] (SafeNet Inc.)
R1 AsrAppCharger; C:\WINDOWS\System32\DRIVERS\AsrAppCharger.sys [15656 2011-11-07] (Windows (R) Win 7 DDK provider)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-02-07] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-02-07] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2013-11-14] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-02-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410784 2014-02-07] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-02-07] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180248 2014-01-01] ()
R3 cmuda; C:\WINDOWS\System32\drivers\cmuda.sys [1332544 2005-05-12] (C-Media Inc)
R0 d347bus; C:\WINDOWS\System32\DRIVERS\d347bus.sys [155136 2004-08-22] ( )
R0 d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [5248 2004-08-22] ( )
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] ()
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [596424 2011-08-10] (SafeNet Inc.)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-12] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP)
S3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [74496 2005-03-04] (Realtek Semiconductor Corporation )
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 ALSysIO; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ALSysIO.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-17 09:38 - 2014-02-17 09:38 - 00015880 _____ () C:\Documents and Settings\Administrator\Plocha\FRST.txt
2014-02-17 09:38 - 2014-02-17 09:38 - 00000000 ____D () C:\FRST
2014-02-17 09:37 - 2014-02-17 09:37 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Administrator\Plocha\FRSTLauncher.exe
2014-02-17 09:35 - 2014-02-17 09:35 - 01141248 _____ (Farbar) C:\Documents and Settings\Administrator\Plocha\FRST.exe
2014-02-16 16:43 - 2014-02-16 16:43 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-16 16:43 - 2014-02-16 16:43 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2014-02-16 16:43 - 2014-02-16 16:43 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-02-16 16:43 - 2014-02-16 16:43 - 00000000 ____D () C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
2014-02-16 16:43 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-16 16:07 - 2014-02-16 16:26 - 00000000 ____D () C:\AdwCleaner
2014-02-16 15:22 - 2014-02-16 15:22 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
2014-02-16 15:21 - 2014-02-17 09:31 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-16 15:21 - 2014-02-17 07:48 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-16 15:21 - 2014-02-16 15:22 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google
2014-02-16 15:21 - 2014-02-16 15:21 - 00000000 ____D () C:\Program Files\Google
2014-02-15 07:37 - 2014-02-15 07:37 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor
2014-02-15 07:27 - 2014-02-15 07:27 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-13 19:21 - 2014-02-13 19:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-02-13 18:59 - 2014-02-13 18:59 - 00011500 _____ () C:\WINDOWS\KB2909921-IE8.log
2014-02-13 18:58 - 2014-02-13 18:59 - 00004215 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-02-13 11:20 - 2014-02-13 11:20 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty\Vizitky
2014-02-13 08:19 - 2014-02-13 19:21 - 00013178 _____ () C:\WINDOWS\KB2916036.log
2014-02-10 10:17 - 2014-02-10 10:17 - 00022841 _____ () C:\WINDOWS\FontData.fdb
2014-01-31 16:05 - 2014-01-31 16:07 - 00000753 _____ () C:\Documents and Settings\All Users\Plocha\Mobile Media Converter.lnk
2014-01-31 15:19 - 2014-01-31 16:15 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\MIKSOFT
2014-01-31 15:17 - 2014-01-31 16:05 - 00000000 ____D () C:\Program Files\MIKSOFT
2014-01-31 15:13 - 2014-01-31 15:13 - 00000814 _____ () C:\Documents and Settings\Administrator\Plocha\Wave Editor.lnk
2014-01-31 15:13 - 2014-01-31 15:13 - 00000000 ____D () C:\Program Files\Abyssmedia
2014-01-31 15:13 - 2014-01-31 15:13 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Abyssmedia
2014-01-31 11:11 - 2014-01-31 11:11 - 00090112 _____ () C:\WINDOWS\Minidump\Mini013114-01.dmp
2014-01-28 09:52 - 2014-01-31 11:11 - 00000000 ____D () C:\WINDOWS\Minidump
2014-01-28 09:52 - 2014-01-28 09:52 - 00090112 _____ () C:\WINDOWS\Minidump\Mini012814-01.dmp
2014-01-24 18:37 - 2014-01-24 18:37 - 00000000 ____D () C:\WINDOWS\Sun
2014-01-24 18:37 - 2014-01-24 18:37 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Sun
2014-01-24 18:36 - 2014-01-24 18:36 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-01-24 18:36 - 2014-01-24 18:36 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Sun
2014-01-24 18:36 - 2014-01-24 18:35 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-24 18:36 - 2014-01-24 18:35 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-24 18:35 - 2014-01-24 18:35 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-24 18:35 - 2014-01-24 18:35 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-24 18:35 - 2014-01-24 18:35 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-24 18:35 - 2014-01-24 18:35 - 00000000 ____D () C:\Program Files\Java
2014-01-24 18:35 - 2014-01-24 18:35 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
2014-01-24 18:33 - 2014-01-24 18:33 - 00000000 ____D () C:\Documents and Settings\Administrator\Data aplikací\Sun
2014-01-21 14:03 - 2014-01-21 14:03 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\IsolatedStorage
2014-01-21 14:03 - 2014-01-21 14:03 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\FileViewPro
2014-01-21 14:03 - 2014-01-21 14:03 - 00000000 ____D () C:\Documents and Settings\Administrator\Data aplikací\IsolatedStorage
2014-01-21 13:58 - 2014-01-21 13:58 - 00000000 ____D () C:\Spacekace
2014-01-21 13:25 - 2014-01-22 08:19 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty\My Digital Editions
2014-01-21 13:25 - 2014-01-21 13:25 - 00001833 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Digital Editions 2.0.lnk
2014-01-21 13:25 - 2014-01-21 13:25 - 00001827 _____ () C:\Documents and Settings\All Users\Plocha\Adobe Digital Editions 2.0.lnk
2014-01-21 13:25 - 2014-01-21 13:25 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe
2014-01-21 13:25 - 2014-01-21 13:25 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Adobe_Systems_Incorporate
2014-01-20 20:26 - 2014-01-20 20:26 - 00000000 ___RD () C:\Documents and Settings\LocalService\Dokumenty

==================== One Month Modified Files and Folders =======

2014-02-17 09:38 - 2014-02-17 09:38 - 00015880 _____ () C:\Documents and Settings\Administrator\Plocha\FRST.txt
2014-02-17 09:38 - 2014-02-17 09:38 - 00000000 ____D () C:\FRST
2014-02-17 09:38 - 2013-11-06 19:20 - 00000000 ____D () C:\Documents and Settings\Administrator\Plocha
2014-02-17 09:37 - 2014-02-17 09:37 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Administrator\Plocha\FRSTLauncher.exe
2014-02-17 09:37 - 2013-11-06 19:20 - 00000000 ___HD () C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2014-02-17 09:35 - 2014-02-17 09:35 - 01141248 _____ (Farbar) C:\Documents and Settings\Administrator\Plocha\FRST.exe
2014-02-17 09:31 - 2014-02-16 15:21 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-17 09:27 - 2013-11-07 22:01 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty\_ZUZKA
2014-02-17 09:17 - 2013-11-06 22:22 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-17 09:00 - 2013-11-14 00:10 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-02-17 08:47 - 2013-11-06 19:47 - 00002068 _____ () C:\WINDOWS\wincmd.ini
2014-02-17 07:50 - 2013-11-06 19:13 - 01879518 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-17 07:48 - 2014-02-16 15:21 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-17 07:48 - 2013-11-07 11:03 - 00000000 ____D () C:\Program Files\SpeedFan
2014-02-17 07:48 - 2013-11-06 19:59 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-02-17 07:48 - 2013-11-06 19:59 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-02-17 07:48 - 2013-11-06 19:20 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-16 17:10 - 2013-11-06 19:20 - 00032490 _____ () C:\WINDOWS\SchedLgU.Txt
2014-02-16 17:10 - 2013-11-06 19:20 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-02-16 17:01 - 2013-11-07 18:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-02-16 16:59 - 2013-11-07 00:24 - 00000000 ____D () C:\Documents and Settings\Administrator\Data aplikací\amazon
2014-02-16 16:43 - 2014-02-16 16:43 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-16 16:43 - 2014-02-16 16:43 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2014-02-16 16:43 - 2014-02-16 16:43 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-02-16 16:43 - 2014-02-16 16:43 - 00000000 ____D () C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
2014-02-16 16:43 - 2013-11-06 19:56 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-02-16 16:43 - 2013-11-06 19:54 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-02-16 16:43 - 2013-11-06 19:20 - 00000000 __RHD () C:\Documents and Settings\Administrator\Data aplikací
2014-02-16 16:42 - 2013-11-06 19:56 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-02-16 16:26 - 2014-02-16 16:07 - 00000000 ____D () C:\AdwCleaner
2014-02-16 16:17 - 2013-11-06 20:26 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory
2014-02-16 15:22 - 2014-02-16 15:22 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
2014-02-16 15:22 - 2014-02-16 15:21 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google
2014-02-16 15:21 - 2014-02-16 15:21 - 00000000 ____D () C:\Program Files\Google
2014-02-16 13:38 - 2013-11-07 13:31 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty\_Zakázky
2014-02-16 11:53 - 2013-11-06 19:44 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-16 11:53 - 2001-10-25 15:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-02-15 12:55 - 2013-11-06 19:20 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-02-15 10:32 - 2013-11-07 15:37 - 00000000 ____D () C:\Program Files\GeusISKN
2014-02-15 07:37 - 2014-02-15 07:37 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor
2014-02-15 07:27 - 2014-02-15 07:27 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-14 12:25 - 2013-11-28 17:36 - 00468736 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2014-02-14 12:25 - 2013-11-06 19:20 - 00000000 ___HD () C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2014-02-14 12:20 - 2013-11-28 16:30 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty\Corel
2014-02-14 11:43 - 2013-11-07 14:18 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-02-14 08:49 - 2013-11-07 16:04 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty\Zákony_vyhlášky_vzory
2014-02-13 19:21 - 2014-02-13 19:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-02-13 19:21 - 2014-02-13 08:19 - 00013178 _____ () C:\WINDOWS\KB2916036.log
2014-02-13 19:21 - 2013-11-06 19:57 - 00062464 _____ () C:\WINDOWS\ocmsn.log
2014-02-13 19:21 - 2013-11-06 19:56 - 01114335 _____ () C:\WINDOWS\iis6.log
2014-02-13 19:21 - 2013-11-06 19:56 - 01000830 _____ () C:\WINDOWS\FaxSetup.log
2014-02-13 19:21 - 2013-11-06 19:56 - 00487601 _____ () C:\WINDOWS\ocgen.log
2014-02-13 19:21 - 2013-11-06 19:56 - 00460621 _____ () C:\WINDOWS\tsoc.log
2014-02-13 19:21 - 2013-11-06 19:56 - 00343614 _____ () C:\WINDOWS\comsetup.log
2014-02-13 19:21 - 2013-11-06 19:56 - 00320650 _____ () C:\WINDOWS\msmqinst.log
2014-02-13 19:21 - 2013-11-06 19:56 - 00206407 _____ () C:\WINDOWS\ntdtcsetup.log
2014-02-13 19:21 - 2013-11-06 19:56 - 00175744 _____ () C:\WINDOWS\netfxocm.log
2014-02-13 19:21 - 2013-11-06 19:56 - 00071266 _____ () C:\WINDOWS\MedCtrOC.log
2014-02-13 19:21 - 2013-11-06 19:56 - 00051168 _____ () C:\WINDOWS\tabletoc.log
2014-02-13 19:21 - 2013-11-06 19:56 - 00050155 _____ () C:\WINDOWS\msgsocm.log
2014-02-13 19:21 - 2013-11-06 19:56 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-02-13 19:21 - 2013-11-06 19:29 - 00166191 _____ () C:\WINDOWS\updspapi.log
2014-02-13 19:13 - 2013-11-06 19:56 - 01175088 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-13 19:09 - 2013-11-07 18:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-13 19:06 - 2013-11-07 18:37 - 85946576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-13 18:59 - 2014-02-13 18:59 - 00011500 _____ () C:\WINDOWS\KB2909921-IE8.log
2014-02-13 18:59 - 2014-02-13 18:58 - 00004215 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-02-13 18:59 - 2013-11-07 18:52 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-02-13 18:59 - 2013-11-06 19:56 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-02-13 11:20 - 2014-02-13 11:20 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty\Vizitky
2014-02-13 11:20 - 2013-11-06 19:20 - 00000000 ___RD () C:\Documents and Settings\Administrator\Dokumenty
2014-02-13 11:11 - 2014-01-06 14:49 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty\MyWebPages
2014-02-10 10:17 - 2014-02-10 10:17 - 00022841 _____ () C:\WINDOWS\FontData.fdb
2014-02-07 11:38 - 2013-12-23 11:14 - 00001525 _____ () C:\Documents and Settings\All Users\Plocha\GEOMETR 17.0.lnk
2014-02-07 11:38 - 2013-12-23 11:14 - 00000000 ____D () C:\Program Files\Geometr170
2014-02-07 11:38 - 2013-11-07 15:37 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\GEUS
2014-02-07 11:35 - 2013-12-23 11:12 - 00001528 _____ () C:\Documents and Settings\All Users\Plocha\GEUS 18.0.lnk
2014-02-07 11:35 - 2013-12-23 11:12 - 00000000 ____D () C:\Program Files\Geus180
2014-02-07 11:35 - 2013-11-07 15:37 - 00000000 ____D () C:\Program Files\GeusPrint
2014-02-07 09:17 - 2013-11-06 22:22 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-07 09:17 - 2013-11-06 22:22 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-07 09:01 - 2013-11-14 00:10 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2014-02-07 09:01 - 2013-11-14 00:10 - 00001733 _____ () C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2014-02-07 09:00 - 2013-11-14 00:10 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-02-07 09:00 - 2013-11-14 00:10 - 00410784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-02-07 09:00 - 2013-11-14 00:10 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-02-07 09:00 - 2013-11-14 00:10 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-02-07 09:00 - 2013-11-14 00:10 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-02-07 09:00 - 2013-11-06 19:41 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-02-06 04:38 - 2013-09-23 08:39 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2014-02-06 04:38 - 2004-08-17 14:49 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 00:08 - 2013-11-07 18:53 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-02-06 00:08 - 2013-11-07 18:52 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-02-06 00:08 - 2013-11-07 18:52 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-02-06 00:08 - 2013-11-07 18:52 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-02-06 00:08 - 2013-11-07 18:52 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-02-06 00:08 - 2013-11-07 18:52 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-02-06 00:08 - 2013-11-07 18:52 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-02-06 00:08 - 2013-11-07 18:52 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-02-06 00:08 - 2013-09-23 08:39 - 06021120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-02-06 00:08 - 2013-09-23 08:39 - 01216000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2014-02-06 00:08 - 2013-09-23 08:39 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2014-02-06 00:08 - 2013-09-23 08:39 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2014-02-06 00:08 - 2013-09-23 08:39 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2014-02-06 00:08 - 2013-09-23 08:39 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2014-02-06 00:08 - 2013-09-23 08:39 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2014-02-06 00:08 - 2009-03-08 14:09 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2014-02-06 00:08 - 2009-03-08 04:39 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 00:08 - 2009-03-08 04:34 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2014-02-06 00:08 - 2009-03-08 04:34 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2014-02-06 00:08 - 2009-03-08 04:34 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2014-02-06 00:08 - 2009-03-08 04:33 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2014-02-06 00:08 - 2009-03-08 04:33 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2014-02-06 00:08 - 2009-03-08 04:32 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 00:08 - 2009-03-08 04:32 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 00:08 - 2009-03-08 04:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-02-06 00:08 - 2004-08-17 14:49 - 06021120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 00:08 - 2004-08-17 14:49 - 01469440 ____N (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 00:08 - 2004-08-17 14:49 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 00:08 - 2004-08-17 14:49 - 00611840 ____N (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2014-02-06 00:08 - 2004-08-17 14:49 - 00387584 ____N (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-02-06 00:08 - 2004-08-17 14:49 - 00206848 ____N (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-02-06 00:08 - 2004-08-17 14:49 - 00184320 ____N (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-02-06 00:08 - 2004-08-17 14:49 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-02-06 00:08 - 2004-08-17 14:49 - 00067072 ____N (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-02-06 00:08 - 2004-08-17 14:49 - 00043520 ____N (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-02-06 00:08 - 2004-08-17 14:49 - 00025600 ____N (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 00:08 - 2004-08-17 14:49 - 00018944 ____N (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2014-02-05 23:24 - 2009-03-08 04:32 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2014-02-05 23:24 - 2004-08-17 14:49 - 00174592 ____N (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-05 23:24 - 2004-08-17 14:44 - 00385024 ____N (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-02-03 18:52 - 2014-01-06 11:47 - 00478360 _____ () C:\WINDOWS\DPINST.LOG
2014-01-31 20:12 - 2013-11-07 16:03 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty\UOZI
2014-01-31 16:15 - 2014-01-31 15:19 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\MIKSOFT
2014-01-31 16:07 - 2014-01-31 16:05 - 00000753 _____ () C:\Documents and Settings\All Users\Plocha\Mobile Media Converter.lnk
2014-01-31 16:05 - 2014-01-31 15:17 - 00000000 ____D () C:\Program Files\MIKSOFT
2014-01-31 15:13 - 2014-01-31 15:13 - 00000814 _____ () C:\Documents and Settings\Administrator\Plocha\Wave Editor.lnk
2014-01-31 15:13 - 2014-01-31 15:13 - 00000000 ____D () C:\Program Files\Abyssmedia
2014-01-31 15:13 - 2014-01-31 15:13 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Abyssmedia
2014-01-31 11:11 - 2014-01-31 11:11 - 00090112 _____ () C:\WINDOWS\Minidump\Mini013114-01.dmp
2014-01-31 11:11 - 2014-01-28 09:52 - 00000000 ____D () C:\WINDOWS\Minidump
2014-01-28 09:52 - 2014-01-28 09:52 - 00090112 _____ () C:\WINDOWS\Minidump\Mini012814-01.dmp
2014-01-27 10:02 - 2013-11-06 19:20 - 00000000 ___RD () C:\Documents and Settings\Administrator\Dokumenty\Hudba
2014-01-24 18:37 - 2014-01-24 18:37 - 00000000 ____D () C:\WINDOWS\Sun
2014-01-24 18:37 - 2014-01-24 18:37 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Sun
2014-01-24 18:36 - 2014-01-24 18:36 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-01-24 18:36 - 2014-01-24 18:36 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Sun
2014-01-24 18:35 - 2014-01-24 18:36 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-24 18:35 - 2014-01-24 18:36 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-24 18:35 - 2014-01-24 18:35 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-24 18:35 - 2014-01-24 18:35 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-24 18:35 - 2014-01-24 18:35 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-24 18:35 - 2014-01-24 18:35 - 00000000 ____D () C:\Program Files\Java
2014-01-24 18:35 - 2014-01-24 18:35 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
2014-01-24 18:33 - 2014-01-24 18:33 - 00000000 ____D () C:\Documents and Settings\Administrator\Data aplikací\Sun
2014-01-22 09:28 - 2013-11-06 19:20 - 00000000 ___RD () C:\Documents and Settings\Administrator\Dokumenty\Obrázky
2014-01-22 08:19 - 2014-01-21 13:25 - 00000000 ____D () C:\Documents and Settings\Administrator\Dokumenty\My Digital Editions
2014-01-21 14:03 - 2014-01-21 14:03 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\IsolatedStorage
2014-01-21 14:03 - 2014-01-21 14:03 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\FileViewPro
2014-01-21 14:03 - 2014-01-21 14:03 - 00000000 ____D () C:\Documents and Settings\Administrator\Data aplikací\IsolatedStorage
2014-01-21 14:02 - 2013-11-06 19:40 - 00037760 _____ () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2014-01-21 13:58 - 2014-01-21 13:58 - 00000000 ____D () C:\Spacekace
2014-01-21 13:25 - 2014-01-21 13:25 - 00001833 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Digital Editions 2.0.lnk
2014-01-21 13:25 - 2014-01-21 13:25 - 00001827 _____ () C:\Documents and Settings\All Users\Plocha\Adobe Digital Editions 2.0.lnk
2014-01-21 13:25 - 2014-01-21 13:25 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe
2014-01-21 13:25 - 2014-01-21 13:25 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Adobe_Systems_Incorporate
2014-01-21 13:25 - 2013-11-06 20:12 - 00000000 ____D () C:\Program Files\Adobe
2014-01-20 20:26 - 2014-01-20 20:26 - 00000000 ___RD () C:\Documents and Settings\LocalService\Dokumenty
2014-01-20 20:26 - 2014-01-06 11:47 - 00001739 _____ () C:\Documents and Settings\All Users\Plocha\Sony PC Companion 2.1.lnk
2014-01-20 20:26 - 2014-01-06 11:47 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Sony
2014-01-20 20:26 - 2013-11-06 20:43 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-01-20 20:26 - 2013-11-06 19:20 - 00000000 __SHD () C:\Documents and Settings\LocalService

Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\lhkerail.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\sfamcc00001.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\sfareca00001.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\tempdotnetinstall.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\_is1DA.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2004-08-17 14:49] - [2008-04-14 08:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\WINDOWS\system32\winlogon.exe
[2004-08-17 14:49] - [2008-04-14 08:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\WINDOWS\system32\svchost.exe
[2004-08-17 14:49] - [2008-04-14 08:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\WINDOWS\system32\services.exe
[2004-08-17 14:49] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\WINDOWS\system32\User32.dll
[2004-08-17 14:49] - [2008-04-14 08:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\WINDOWS\system32\userinit.exe
[2004-08-17 14:49] - [2008-04-14 08:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys
[2004-08-17 14:44] - [2008-04-14 07:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Administrator\Plocha" je 1 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\WINDOWS\\system32\\hasplms.exe"="C:\\WINDOWS\\system32\\hasplms.exe:*:Enabled:Sentinel License Manager"
"C:\\Program Files\\GeusISKN\\GeusISKN.exe"="C:\\Program Files\\GeusISKN\\GeusISKN.exe:*:Enabled:GeusISKN"
"C:\\Program Files\\Bentley\\Program\\MicroStation\\ustation.exe"="C:\\Program Files\\Bentley\\Program\\MicroStation\\ustation.exe:*:Enabled:MicroStation for Windows x86"
"C:\\Program Files\\HP\\HP Officejet 7500 E910\\Bin\\FaxApplications.exe"="C:\\Program Files\\HP\\HP Officejet 7500 E910\\Bin\\FaxApplications.exe:LocalSubNet:Enabled:HP Officejet 7500 E910 FaxApplications"
"C:\\Program Files\\HP\\HP Officejet 7500 E910\\Bin\\DigitalWizards.exe"="C:\\Program Files\\HP\\HP Officejet 7500 E910\\Bin\\DigitalWizards.exe:LocalSubNet:Enabled:HP Officejet 7500 E910 DigitalWizards"
"C:\\Program Files\\HP\\HP Officejet 7500 E910\\Bin\\SendAFax.exe"="C:\\Program Files\\HP\\HP Officejet 7500 E910\\Bin\\SendAFax.exe:LocalSubNet:Enabled:HP Officejet 7500 E910 SendFaxAppExe"
"C:\\Program Files\\HP\\HP Officejet 7500 E910\\Bin\\DeviceSetup.exe"="C:\\Program Files\\HP\\HP Officejet 7500 E910\\Bin\\DeviceSetup.exe:LocalSubNet:Enabled:Instalace zazen HP (HP Officejet 7500 E910)"
"C:\\Program Files\\HP\\HP Officejet 7500 E910\\Bin\\HPNetworkCommunicator.exe"="C:\\Program Files\\HP\\HP Officejet 7500 E910\\Bin\\HPNetworkCommunicator.exe:LocalSubNet:Enabled:Sov komunikan program HP (HP Officejet 7500 E910)"
"C:\\Program Files\\HP\\HP Officejet 7500 E910\\Bin\\HPNetworkCommunicatorCom.exe"="C:\\Program Files\\HP\\HP Officejet 7500 E910\\Bin\\HPNetworkCommunicatorCom.exe:LocalSubNet:Enabled:Sov komunikan program HP COM (HP Officejet 7500 E910)"
"C:\\Program Files\\Brother\\Brmfl10g\\FAXRX.exe"="C:\\Program Files\\Brother\\Brmfl10g\\FAXRX.exe:*:Enabled:FAXRX.EXE"
"C:\\Program Files\\totalcmd\\TOTALCMD.EXE"="C:\\Program Files\\totalcmd\\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"54925:UDP"="54925:UDP:*:Enabled:BrotherNetwork Scanner"

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000

==================== End Of Log ==============================

Zdravím,

Stáhni Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
Ulož nejlépe na plochu
Ukonči všechny programy a dvojklikem SC spusť
Proběhne skenování a pak se objevi log, případně bude uložen v místě spuštení jako sc-cleaner.txt, jeho obsah sem vlož

Stáhni Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Ulož jej na plochu a spusť - zobrazí se licenční podminky -> start libovolnou klávesou.
Bude vytvořena záloha a proběhne skenování.
Vyskočí log (nebo je uložen zde c:\JRT jako JRT.txt) - zkopíruj jej sem

Pokud jsi v AdwCleaneru dal volbu "Clean" dej mi C:\AdwCleaner\AdwCleaner[S?]

výsledný log MBAM po smazání nálezu?

Shortcut Cleaner 1.2.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Microsoft Windows XP Service Pack 3
Program started at: 02/17/2014 03:46:35 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Documents and Settings\Administrator\Nabídka Start\

Searching C:\Documents and Settings\All Users\Nabídka Start\

Searching C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Documents and Settings\All Users\Plocha\

Searching C:\Documents and Settings\Administrator\Plocha

0 bad shortcuts found.

Program finished at: 02/17/2014 03:46:38 PM
Execution time: 0 hours(s), 0 minute(s), and 2 seconds(s)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Microsoft Windows XP x86
Ran by Administrator on po 17.02.2014 at 15:52:39,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 17.02.2014 at 16:07:01,31
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.018 - Report created 16/02/2014 at 16:18:41
# Updated 28/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - SD-E475094E471F
# Running from : C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory\antimalware\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\njvqa4l3.default\prefs.js ]

-\\ Google Chrome v32.0.1700.107

[ File : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1490 octets] - [16/02/2014 16:07:46]
AdwCleaner[R1].txt - [1146 octets] - [16/02/2014 16:17:17]
AdwCleaner[S0].txt - [1575 octets] - [16/02/2014 16:10:04]
AdwCleaner[S1].txt - [1068 octets] - [16/02/2014 16:18:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1128 octets] ##########

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.02.16.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: SD-E475094E471F [administrátor]

Ochrana: Povolena

16.2.2014 16:49:59
mbam-log-2014-02-16 (16-49-59).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 213264
Uplynulý čas: 7 minut, 40 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Špatný: (0) Dobrý: (1) -> Přesun do karantény a opravení se zdařilo.

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Documents and Settings\Administrator\Data aplikací\amazon\amazon.exe (PUP.Optional.Searchprotect) -> Přesun do karantény a smazání se zdařilo.

(konec)

stáhni a spusť http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
některé Antiviry jej mohou blokovat, proto je budeš muset na tu chvíli odstavit
vyčkej až se program spustí a provede prescan, pak
- Zvol možnost Prohledat a poté Smazat a následně Zpráva - otevře se log, ten sem vlož
- Pak klikni na Oprava host a Zpráva - otevře se log, ten sem vlož

vyosek píše: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Kód: Vybrat vše
srinfo;
autoclean;
emptyclsid;
iedefaults;
process;
hijackthis;
emptyalltemp;
resethosts;
Nasledne kliknete na Run Script

PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

RogueKiller V8.8.7 [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Administrator [Práva správce]
Mód : Odebrat -- Datum : 02/17/2014 17:18:19
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] PirritService.exe -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritService.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] PirritDesktop.exe -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritDesktop.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : DIMProbíhá stahování aktualizace...1300677038363 ("c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe" "c:\documents and settings\all users\data aplikací\corel\downloads\540215253_410003\1300677038363\dim_params.xml" -Launch=3 -uibase="c:\documents and settings\administrator\data aplikací\corel\messages\540215253_410003\cz\messagecache1\workflow" [7][-][-]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-746137067-1035525444-725345543-500\[...]\Run : DIMProbíhá stahování aktualizace...1300677038363 ("c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe" "c:\documents and settings\all users\data aplikací\corel\downloads\540215253_410003\1300677038363\dim_params.xml" -Launch=3 -uibase="c:\documents and settings\administrator\data aplikací\corel\messages\540215253_410003\cz\messagecache1\workflow" [7][-][-]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> NAHRAZENO (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> NAHRAZENO (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[SCREENSVR][SUSP PATH] HKCU\[...]\Desktop : SCRNSAVE.EXE (C:\WINDOWS\AvastSS.scr [7]) -> NAHRAZENO (C:\WINDOWS\system32\logon.scr)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 2 ¤¤¤
[Administrator][SUSP UNIC] SpeedFan.lnk : C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\SpeedFan.lnk [-] -> VYMAZÁNO
[All Users][SUSP UNIC] HP Digital Imaging Monitor.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk [-] -> VYMAZÁNO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] SSDT[122] : NtOpenProcess @ 0x80574BC1 -> HOOKED (C:\WINDOWS\system32\drivers\mbamchameleon.sys @ 0xB64E6C4C)
[Address] SSDT[128] : NtOpenThread @ 0x80590CFC -> HOOKED (C:\WINDOWS\system32\drivers\mbamchameleon.sys @ 0xB64E6D3C)
[Inline] EAT @firefox.exe (LdrLoadDll) : ntdll.dll -> HOOKED (C:\Program Files\Mozilla Firefox\mozglue.dll @ 0x00461FFD)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : Mal.Hosts ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

216.239.32.20 google.com www.google.com --> Potentially malicious!

127.0.0.1 localhost
216.239.32.20 google.com www.google.com
216.239.32.20 google.com www.google.ad
216.239.32.20 google.com www.google.ae
216.239.32.20 google.com www.google.com.af
216.239.32.20 google.com www.google.com.ag
216.239.32.20 google.com www.google.com.ai
216.239.32.20 google.com www.google.al
216.239.32.20 google.com www.google.am
216.239.32.20 google.com www.google.co.ao
216.239.32.20 google.com www.google.com.ar
216.239.32.20 google.com www.google.as
216.239.32.20 google.com www.google.at
216.239.32.20 google.com www.google.com.au
216.239.32.20 google.com www.google.az
216.239.32.20 google.com www.google.ba
216.239.32.20 google.com www.google.com.bd
216.239.32.20 google.com www.google.be
216.239.32.20 google.com www.google.bf
216.239.32.20 google.com www.google.bg
[...]

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5003ABYX-01WERA2 +++++
--- User ---
[MBR] 843864d6c4a6ddd1390ca4d10c729335
[BSP] 0c4baaf48ab2432f0d3b08c1a7bf051e : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476929 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_02172014_171819.txt >>
RKreport[0]_S_02172014_171807.txt

RogueKiller V8.8.7 [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Administrator [Práva správce]
Mód : Oprava HOSTS -- Datum : 02/17/2014 17:19:54
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] PirritService.exe -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritService.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] PirritDesktop.exe -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritDesktop.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : Mal.Hosts ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

216.239.32.20 google.com www.google.com --> Potentially malicious!

127.0.0.1 localhost
216.239.32.20 google.com www.google.com
216.239.32.20 google.com www.google.ad
216.239.32.20 google.com www.google.ae
216.239.32.20 google.com www.google.com.af
216.239.32.20 google.com www.google.com.ag
216.239.32.20 google.com www.google.com.ai
216.239.32.20 google.com www.google.al
216.239.32.20 google.com www.google.am
216.239.32.20 google.com www.google.co.ao
216.239.32.20 google.com www.google.com.ar
216.239.32.20 google.com www.google.as
216.239.32.20 google.com www.google.at
216.239.32.20 google.com www.google.com.au
216.239.32.20 google.com www.google.az
216.239.32.20 google.com www.google.ba
216.239.32.20 google.com www.google.com.bd
216.239.32.20 google.com www.google.be
216.239.32.20 google.com www.google.bf
216.239.32.20 google.com www.google.bg
[...]

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[0]_H_02172014_171954.txt >>
RKreport[0]_D_02172014_171819.txt;RKreport[0]_S_02172014_171807.txt

Zoek.exe v5.0.0.0 Updated 15-February-2014
Tool run by Administrator on po 17.02.2014 at 17:43:32,85.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Administrator\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

17.2.2014 17:45:44 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Nuance\PaperPort\pptd40nt.exe
C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritService.exe
C:\Program Files\Pirrit\AutoUpdater.exe
C:\WINDOWS\system32\HPZipm12.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Browny02\BrYNSvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritDesktop.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Administrator\Plocha\zoek.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PirritUpdater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\PirritUpdater deleted successfully

==== Deleting Files \ Folders ======================

C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\Adobe not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\AVAST Software not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\Bentley not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\Brother not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\ControlCenter4 not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\Corel not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\CyberLink not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\FLEXnet not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\HP not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\IsolatedStorage not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\Malwarebytes not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\Microsoft not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\Microsoft Help not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\Mozilla not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\Nuance not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\PDF Writer not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\Protexis not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\ScanSoft not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\Sony not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\Sun not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\TEMP not found
C:\Documents and Settings\All Users\Data aplikacˇ\C:\Documents and Settings\All Users\Data aplikací\zeon not found
"C:\Documents and Settings\Administrator\Data aplikací\Sun" not found
"C:\Documents and Settings\Administrator\Data aplikací\Corel" not found
"C:\Documents and Settings\Administrator\Data aplikací\amazon" not found
"C:\Documents and Settings\Administrator\Data aplikací\Nuance" not found
"C:\Documents and Settings\Administrator\Data aplikací\Pirrit" not found
"C:\Documents and Settings\Administrator\Data aplikací\Bentley" not found
"C:\Documents and Settings\Administrator\Data aplikací\Brother" not found
"C:\Documents and Settings\Administrator\Data aplikací\FLEXnet" not found
C:\WINDOWS\002674_.tmp deleted
C:\WINDOWS\SET3.tmp deleted
C:\WINDOWS\SET4.tmp deleted
C:\WINDOWS\SET8.tmp deleted
C:\WINDOWS\Wininit.ini deleted
"C:\Program Files\Pirrit\AutoUpdater.exe" deleted
"C:\Program Files\Pirrit\msvcp100.dll" deleted
"C:\Program Files\Pirrit\msvcr100.dll" deleted
"C:\Program Files\Pirrit\QtCore4.dll" deleted
"C:\Program Files\Pirrit\QtNetwork4.dll" deleted
"C:\Program Files\Pirrit" deleted

======== System Restore Points ========

RP40: 19.11.2013 9:19:04 - Ovladače rozhraní DirectX
RP41: 19.11.2013 9:20:41 - Installed Bentley MicroStation V8 XM Edition 08.09.03.65
RP42: 19.11.2013 10:41:24 - Removed Bentley MicroStation V8 XM Edition 08.09.03.65
RP43: 21.11.2013 13:11:18 - Kontrolní bod systému
RP44: 22.11.2013 14:06:37 - Kontrolní bod systému
RP45: 25.11.2013 8:02:52 - Kontrolní bod systému
RP46: 26.11.2013 12:39:12 - Kontrolní bod systému
RP47: 27.11.2013 18:53:22 - Kontrolní bod systému
RP48: 29.11.2013 8:18:28 - Kontrolní bod systému
RP49: 1.12.2013 8:58:37 - Kontrolní bod systému
RP50: 2.12.2013 12:19:18 - Kontrolní bod systému
RP51: 3.12.2013 15:47:40 - Kontrolní bod systému
RP52: 5.12.2013 7:51:54 - Kontrolní bod systému
RP53: 6.12.2013 8:13:19 - Kontrolní bod systému
RP54: 9.12.2013 15:35:05 - Kontrolní bod systému
RP55: 11.12.2013 8:17:15 - Kontrolní bod systému
RP56: 11.12.2013 8:58:06 - Software Distribution Service 3.0
RP57: 12.12.2013 9:48:03 - Kontrolní bod systému
RP58: 13.12.2013 8:51:57 - Software Distribution Service 3.0
RP59: 13.12.2013 10:26:35 - Installed DAEMON Tools
RP60: 13.12.2013 10:36:05 - Nainstalováno: Microsoft Office Professional Edition 2003
RP61: 14.12.2013 16:18:05 - Kontrolní bod systému
RP62: 16.12.2013 6:55:35 - Kontrolní bod systému
RP63: 17.12.2013 13:29:13 - Kontrolní bod systému
RP64: 19.12.2013 15:05:16 - Kontrolní bod systému
RP65: 22.12.2013 10:58:05 - Kontrolní bod systému
RP66: 23.12.2013 10:58:47 - Kontrolní bod systému
RP67: 30.12.2013 11:43:37 - Kontrolní bod systému
RP68: 1.1.2014 10:08:21 - avast! antivirus system restore point
RP69: 2.1.2014 12:36:56 - Kontrolní bod systému
RP70: 6.1.2014 11:43:20 - Installed Windows Media Format Runtime
RP71: 6.1.2014 11:43:58 - Installed Windows XP Wudf01000.
RP72: 6.1.2014 11:47:37 - Sony PC Companion
RP73: 6.1.2014 11:52:30 - Sony PC Companion
RP74: 6.1.2014 11:54:06 - Sony PC Companion
RP75: 6.1.2014 11:59:48 - Software Distribution Service 3.0
RP76: 6.1.2014 14:48:03 - Installed MSXML 4.0 SP3 Parser
RP77: 6.1.2014 14:48:15 - Nainstalováno: Microsoft Visual C++ 2005 Redistributable
RP78: 6.1.2014 14:49:13 - Nainstalováno: Nuance PaperPort 12
RP79: 6.1.2014 14:50:33 - Nainstalováno Nuance PDF Viewer Plus.
RP80: 6.1.2014 14:51:04 - Nainstalováno: PaperPort Image Printer
RP81: 6.1.2014 14:51:14 - Je nainstalován ovladač tiskárny Nuance Image Printer Driver
RP82: 6.1.2014 14:52:51 - Instalováno Brother Software Suite
RP83: 6.1.2014 14:54:30 - Byl nainstalován nepodepsaný ovladač tiskárny Brother PC-FAX v.
RP84: 7.1.2014 8:36:59 - Software Distribution Service 3.0
RP85: 9.1.2014 18:42:32 - Kontrolní bod systému
RP86: 10.1.2014 10:53:22 - Nainstalováno: Sada Compatibility Pack pro systém Office 2007
RP87: 13.1.2014 8:04:15 - Kontrolní bod systému
RP88: 14.1.2014 8:09:10 - Software Distribution Service 3.0
RP89: 15.1.2014 7:46:21 - Software Distribution Service 3.0
RP90: 17.1.2014 12:17:24 - Kontrolní bod systému
RP91: 18.1.2014 12:25:14 - Kontrolní bod systému
RP92: 20.1.2014 8:01:42 - Kontrolní bod systému
RP93: 20.1.2014 20:27:19 - Sony PC Companion
RP94: 22.1.2014 8:05:57 - Kontrolní bod systému
RP95: 23.1.2014 11:07:42 - Kontrolní bod systému
RP96: 24.1.2014 12:10:16 - Kontrolní bod systému
RP97: 24.1.2014 18:35:40 - Installed Java 7 Update 51
RP98: 27.1.2014 11:34:15 - Kontrolní bod systému
RP99: 31.1.2014 9:43:17 - Kontrolní bod systému
RP100: 1.2.2014 10:05:38 - Kontrolní bod systému
RP101: 2.2.2014 11:49:26 - Kontrolní bod systému
RP102: 3.2.2014 15:33:14 - Kontrolní bod systému
RP103: 3.2.2014 18:52:01 - Sony PC Companion
RP104: 7.2.2014 8:59:59 - avast! antivirus system restore point
RP105: 10.2.2014 8:59:54 - Kontrolní bod systému
RP106: 12.2.2014 8:43:57 - Kontrolní bod systému
RP107: 13.2.2014 13:37:25 - Kontrolní bod systému
RP108: 13.2.2014 18:55:19 - Software Distribution Service 3.0
RP109: 15.2.2014 9:17:45 - Kontrolní bod systému
RP110: 16.2.2014 12:21:52 - Kontrolní bod systému
RP111: 16.2.2014 15:21:14 - Installed Google Chrome
RP112: 17.2.2014 15:36:46 - Kontrolní bod systému
RP113: 17.2.2014 17:45:44 - zoek.exe restore point

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [18.11.2013 13:08]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[07.02.2014 09:00]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{A8105727-97B2-4B68-8BA5-57150A17B1B3} eseeky Url="http://eseeky.com/ws/?source=728386ab?t ... earchTerms}"

==== HijackThis Entries ======================

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://127.0.0.1:9880
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Data aplikací\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Otevřít programem PDF Viewer Plus - res://C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel Local License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: PirritDesktop - Unknown owner - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=15 folders=2 16273024 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" not deleted

==== EOF on po 17.02.2014 at 18:09:17,09 ======================

problém přetrvává?

dej mi RSIT http://forum.viry.cz/viewtopic.php?f=13&t=130786

boužel pořád přetrvává

...některá slova v prohlížeči se změní na odkaz a občas vyskočí další okno prohlížeče....viz obrázek

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2014-02-17 18:36:11
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 425 GB (89%) free of 477 GB
Total RAM: 2047 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:36:22, on 17.2.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritService.exe
C:\WINDOWS\system32\HPZipm12.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Nuance\PaperPort\pptd40nt.exe
C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritDesktop.exe
C:\Program Files\Browny02\BrYNSvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Administrator\Plocha\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://127.0.0.1:9880
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Data aplikací\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Otevřít programem PDF Viewer Plus - res://C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel Local License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: PirritDesktop - Unknown owner - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

--
End of file - 9073 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\njvqa4l3.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "chrome://foxcub/content/speedDial/speedDial.html"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.44 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\njvqa4l3.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\njvqa4l3.default\searchplugins\
eseeky-search.xml
google-ssl.xml
googletranslate.xml
youtube.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-24 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-07 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d}]
IEExtension.Extension - C:\WINDOWS\system32\mscoree.dll [2010-03-18 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-24 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-07 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-02-18 8523776]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-02-18 81920]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-07 3767096]
"IndexSearch"=C:\Program Files\Nuance\PaperPort\IndexSearch.exe [2010-03-09 46368]
"PaperPort PTD"=C:\Program Files\Nuance\PaperPort\pptd40nt.exe [2010-03-09 29984]
"PPort12reminder"=C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe [2010-02-09 328992]
"PDFHook"=C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe [2010-03-05 636192]
"PDF5 Registry Controller"=C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe [2010-03-05 62752]
"ControlCenter4"=C:\Program Files\ControlCenter4\BrCcBoot.exe [2012-09-06 143360]
"BrStsMon00"=C:\Program Files\Browny02\Brother\BrStMonW.exe [2012-06-06 3076096]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ISUSPM"=C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\WINDOWS\system32\hasplms.exe"="C:\WINDOWS\system32\hasplms.exe:*:Enabled:Sentinel License Manager"
"C:\Program Files\GeusISKN\GeusISKN.exe"="C:\Program Files\GeusISKN\GeusISKN.exe:*:Enabled:GeusISKN"
"C:\Program Files\Bentley\Program\MicroStation\ustation.exe"="C:\Program Files\Bentley\Program\MicroStation\ustation.exe:*:Enabled:MicroStation for Windows x86"
"C:\Program Files\HP\HP Officejet 7500 E910\Bin\FaxApplications.exe"="C:\Program Files\HP\HP Officejet 7500 E910\Bin\FaxApplications.exe:LocalSubNet:Enabled:HP Officejet 7500 E910 FaxApplications"
"C:\Program Files\HP\HP Officejet 7500 E910\Bin\DigitalWizards.exe"="C:\Program Files\HP\HP Officejet 7500 E910\Bin\DigitalWizards.exe:LocalSubNet:Enabled:HP Officejet 7500 E910 DigitalWizards"
"C:\Program Files\HP\HP Officejet 7500 E910\Bin\SendAFax.exe"="C:\Program Files\HP\HP Officejet 7500 E910\Bin\SendAFax.exe:LocalSubNet:Enabled:HP Officejet 7500 E910 SendFaxAppExe"
"C:\Program Files\HP\HP Officejet 7500 E910\Bin\DeviceSetup.exe"="C:\Program Files\HP\HP Officejet 7500 E910\Bin\DeviceSetup.exe:LocalSubNet:Enabled:Instalace zařízení HP (HP Officejet 7500 E910)"
"C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe"="C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:Síťový komunikační program HP (HP Officejet 7500 E910)"
"C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicatorCom.exe"="C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicatorCom.exe:LocalSubNet:Enabled:Síťový komunikační program HP COM (HP Officejet 7500 E910)"
"C:\Program Files\Brother\Brmfl10g\FAXRX.exe"="C:\Program Files\Brother\Brmfl10g\FAXRX.exe:*:Enabled:FAXRX.EXE"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm

======File associations======

.scr - open -
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-02-17 18:36:12 ----D---- C:\Program Files\trend micro
2014-02-17 18:36:11 ----D---- C:\rsit
2014-02-17 18:07:22 ----A---- C:\WINDOWS\zoek-delete.exe
2014-02-17 18:07:21 ----D---- C:\WINDOWS\Temp
2014-02-17 17:58:24 ----D---- C:\zoek
2014-02-17 17:30:31 ----D---- C:\zoek_backup
2014-02-17 16:20:09 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2014-02-17 15:48:00 ----D---- C:\WINDOWS\ERUNT
2014-02-17 09:38:11 ----D---- C:\FRST
2014-02-16 16:43:41 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
2014-02-16 16:43:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-02-16 16:43:27 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-02-16 16:43:27 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-02-16 16:07:42 ----D---- C:\AdwCleaner
2014-02-16 15:21:35 ----D---- C:\Program Files\Google
2014-02-15 07:27:07 ----D---- C:\Program Files\Mozilla Firefox
2014-02-13 19:21:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2916036$
2014-01-31 15:17:04 ----D---- C:\Program Files\MIKSOFT
2014-01-31 15:13:27 ----D---- C:\Program Files\Abyssmedia
2014-01-28 09:52:33 ----D---- C:\WINDOWS\Minidump
2014-01-24 18:37:23 ----D---- C:\WINDOWS\Sun
2014-01-24 18:36:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2014-01-24 18:36:04 ----D---- C:\Program Files\Common Files\Java
2014-01-24 18:36:01 ----A---- C:\WINDOWS\system32\javaws.exe
2014-01-24 18:35:56 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-24 18:35:56 ----A---- C:\WINDOWS\system32\javaw.exe
2014-01-24 18:35:56 ----A---- C:\WINDOWS\system32\java.exe
2014-01-24 18:35:41 ----D---- C:\Program Files\Java
2014-01-24 18:33:17 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Sun
2014-01-22 09:28:09 ----A---- C:\WINDOWS\IE4 Error Log.txt
2014-01-21 14:03:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\IsolatedStorage
2014-01-21 14:03:02 ----D---- C:\Documents and Settings\Administrator\Data aplikací\IsolatedStorage
2014-01-21 13:58:24 ----D---- C:\Spacekace

======List of files/folders modified in the last 1 month======

2014-02-17 18:36:12 ----RD---- C:\Program Files
2014-02-17 18:15:47 ----A---- C:\WINDOWS\wincmd.ini
2014-02-17 18:08:45 ----D---- C:\WINDOWS
2014-02-17 18:08:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-02-17 17:46:04 ----D---- C:\WINDOWS\system32\drivers\etc
2014-02-17 17:43:24 ----D---- C:\WINDOWS\system32
2014-02-17 17:26:06 ----D---- C:\WINDOWS\system32\drivers
2014-02-17 17:23:40 ----D---- C:\WINDOWS\system32\CatRoot2
2014-02-17 16:26:44 ----D---- C:\WINDOWS\Prefetch
2014-02-17 16:21:52 ----D---- C:\Program Files\SpeedFan
2014-02-16 17:01:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-02-16 16:59:55 ----D---- C:\Documents and Settings\Administrator\Data aplikací\amazon
2014-02-16 15:31:03 ----SHD---- C:\WINDOWS\Installer
2014-02-16 15:22:07 ----HD---- C:\Config.Msi
2014-02-16 15:21:39 ----SD---- C:\WINDOWS\Tasks
2014-02-16 11:53:28 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-02-15 10:32:03 ----D---- C:\Program Files\GeusISKN
2014-02-14 11:43:12 ----RSD---- C:\WINDOWS\assembly
2014-02-14 11:43:12 ----D---- C:\WINDOWS\Microsoft.NET
2014-02-13 19:21:38 ----HD---- C:\WINDOWS\inf
2014-02-13 19:21:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-02-13 19:13:36 ----D---- C:\WINDOWS\WinSxS
2014-02-13 19:13:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-13 19:09:05 ----D---- C:\WINDOWS\system32\MRT
2014-02-13 19:06:32 ----A---- C:\WINDOWS\system32\MRT.exe
2014-02-13 18:59:29 ----A---- C:\WINDOWS\imsins.BAK
2014-02-13 18:59:25 ----D---- C:\Program Files\Internet Explorer
2014-02-13 18:59:16 ----D---- C:\WINDOWS\ie8updates
2014-02-07 11:38:53 ----D---- C:\Program Files\Geometr170
2014-02-07 11:35:49 ----D---- C:\Program Files\Geus180
2014-02-07 11:35:40 ----D---- C:\Program Files\GeusPrint
2014-02-07 09:17:12 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-07 09:00:22 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-02-06 04:38:36 ----A---- C:\WINDOWS\system32\wininet.dll
2014-02-06 00:08:34 ----N---- C:\WINDOWS\system32\occache.dll
2014-02-06 00:08:34 ----N---- C:\WINDOWS\system32\mstime.dll
2014-02-06 00:08:34 ----N---- C:\WINDOWS\system32\mshtmled.dll
2014-02-06 00:08:34 ----N---- C:\WINDOWS\system32\licmgr10.dll
2014-02-06 00:08:34 ----N---- C:\WINDOWS\system32\jsproxy.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\url.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-02-06 00:08:33 ----N---- C:\WINDOWS\system32\iepeers.dll
2014-02-06 00:08:33 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2014-02-06 00:08:33 ----N---- C:\WINDOWS\system32\corpol.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-02-05 23:24:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2014-02-03 18:52:09 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-01-24 18:36:04 ----D---- C:\Program Files\Common Files
2014-01-21 13:25:02 ----D---- C:\Program Files\Adobe
2014-01-20 20:26:16 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-11-14 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-01-01 180248]
R0 d347bus;d347bus; C:\WINDOWS\system32\DRIVERS\d347bus.sys [2004-08-22 155136]
R0 d347prt;d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [2004-08-22 5248]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2012-12-29 24184]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AsrAppCharger;AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [2011-11-07 15656]
R1 aswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aksfridge;Sentinel Fridge; C:\WINDOWS\system32\DRIVERS\aksfridge.sys [2012-06-28 362496]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R3 akshasp;SafeNet Inc. HASP Key; C:\WINDOWS\system32\DRIVERS\akshasp.sys [2009-03-13 238208]
R3 akshhl;SafeNet Inc. Sentinel HL Key; C:\WINDOWS\system32\DRIVERS\akshhl.sys [2011-08-25 46720]
R3 aksusb;SafeNet Inc. USB Key; C:\WINDOWS\system32\DRIVERS\aksusb.sys [2012-06-06 289152]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2005-05-12 1332544]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-02-18 7435392]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 ALSysIO;ALSysIO; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ALSysIO.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-07 50344]
R2 hasplms;Sentinel Local License Manager; C:\WINDOWS\system32\hasplms.exe [2012-06-28 4941768]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-01-24 182696]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-02-18 155716]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-09 144672]
R2 PirritDesktop;PirritDesktop; C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritService.exe [2014-02-14 52568]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 BrYNSvc;BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [2012-06-05 266240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-16 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-07 257928]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-16 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-15 118896]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

screenshot je bohužel nečitelný

nemohu najít srozumitelné informace o programu PirritSuggestor
můžeš mi objasnit o co se jedná a používáš-li to

PirritSuggestor ....nevím co to je za program, asi nepoužívám....

ještě jednou screenshot...snad už půjde vidět.... slovo se změní na odkaz a když najedu myší vyjede informační okénko o odkazu.....

nějaký PirritSuggestor jsem v PC našel v "přidat nebo odebrat programy"..... dal jsem ho odebrat...

pak jsem spustil AdwCleaner (tak bylo taky něco s názvem pirrit) a dal clean..... po restartu problém zmizel... po druhém restartu je problém zase tu

chtěl jsem spustit MBAM, ale hlásil chyby a nespustil se....

# AdwCleaner v3.019 - Report created 18/02/2014 at 07:51:53
# Updated 17/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - SD-E475094E471F
# Running from : C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory\antimalware\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Pirrit Suggestor
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Pirrit Suggestor
Folder Deleted : C:\Documents and Settings\Administrator\Data aplikací\Pirrit
File Deleted : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\njvqa4l3.default\searchplugins\eseeky-search.xml

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\Pirrit
Key Deleted : HKLM\Software\Driver-Soft
Key Deleted : HKLM\Software\Pirrit

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\njvqa4l3.default\prefs.js ]

-\\ Google Chrome v32.0.1700.107

[ File : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1490 octets] - [16/02/2014 16:07:46]
AdwCleaner[R1].txt - [1146 octets] - [16/02/2014 16:17:17]
AdwCleaner[R2].txt - [1267 octets] - [16/02/2014 16:26:04]
AdwCleaner[R3].txt - [2317 octets] - [18/02/2014 07:46:20]
AdwCleaner[R4].txt - [2377 octets] - [18/02/2014 07:50:31]
AdwCleaner[S0].txt - [1575 octets] - [16/02/2014 16:10:04]
AdwCleaner[S1].txt - [1208 octets] - [16/02/2014 16:18:41]
AdwCleaner[S2].txt - [2328 octets] - [18/02/2014 07:51:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2388 octets] ##########

spustil jsem AdwCleaner znovu....

# AdwCleaner v3.019 - Report created 18/02/2014 at 08:17:23
# Updated 17/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - SD-E475094E471F
# Running from : C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory\antimalware\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKLM\Software\Pirrit

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\njvqa4l3.default\prefs.js ]

-\\ Google Chrome v32.0.1700.107

[ File : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1490 octets] - [16/02/2014 16:07:46]
AdwCleaner[R1].txt - [1146 octets] - [16/02/2014 16:17:17]
AdwCleaner[R2].txt - [1267 octets] - [16/02/2014 16:26:04]
AdwCleaner[R3].txt - [2317 octets] - [18/02/2014 07:46:20]
AdwCleaner[R4].txt - [2377 octets] - [18/02/2014 07:50:31]
AdwCleaner[R5].txt - [1576 octets] - [18/02/2014 08:14:09]
AdwCleaner[S0].txt - [1575 octets] - [16/02/2014 16:10:04]
AdwCleaner[S1].txt - [1208 octets] - [16/02/2014 16:18:41]
AdwCleaner[S2].txt - [2468 octets] - [18/02/2014 07:51:53]
AdwCleaner[S3].txt - [1501 octets] - [18/02/2014 08:17:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1561 octets] ##########

Jo a občas mě informuje Avast že něco detekoval........ C:\...\pittitdesktop.exe....nebo něco takového?

v RogueKiller klikni na Oprava proxy a Zpráva - otevře se log, ten sem vlož

Pak mi dej nový RSIT a odpálíme ten PirritSuggestor ručně

RogueKiller V8.8.7 [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Administrator [Práva správce]
Mód : Oprava Proxy -- Datum : 02/18/2014 10:26:02
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] PirritService.exe -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritService.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] PirritDesktop.exe -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritDesktop.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (hxxp=hxxp://127.0.0.1:9880 [Country: , City: ]) -> VYMAZÁNO
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyEnable (1) -> NAHRAZENO (0)

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

Dokončeno : << RKreport[0]_PR_02182014_102602.txt >>
RKreport[0]_D_02172014_171819.txt;RKreport[0]_H_02172014_171954.txt;RKreport[0]_S_02172014_171807.txt
RKreport[0]_S_02182014_102553.txt

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2014-02-18 10:27:22
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 426 GB (89%) free of 477 GB
Total RAM: 2047 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:27:24, on 18.2.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Nuance\PaperPort\pptd40nt.exe
C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\WINDOWS\system32\HPZipm12.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Browny02\BrYNSvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Administrator\Plocha\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Data aplikací\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Otevřít programem PDF Viewer Plus - res://C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel Local License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: PirritDesktop - Unknown owner - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

--
End of file - 8123 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\njvqa4l3.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "chrome://foxcub/content/speedDial/speedDial.html"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.44 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\njvqa4l3.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\njvqa4l3.default\searchplugins\
google-ssl.xml
googletranslate.xml
youtube.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-24 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-07 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-24 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-07 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-02-18 8523776]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-02-18 81920]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-07 3767096]
"IndexSearch"=C:\Program Files\Nuance\PaperPort\IndexSearch.exe [2010-03-09 46368]
"PaperPort PTD"=C:\Program Files\Nuance\PaperPort\pptd40nt.exe [2010-03-09 29984]
"PPort12reminder"=C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe [2010-02-09 328992]
"PDFHook"=C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe [2010-03-05 636192]
"PDF5 Registry Controller"=C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe [2010-03-05 62752]
"ControlCenter4"=C:\Program Files\ControlCenter4\BrCcBoot.exe [2012-09-06 143360]
"BrStsMon00"=C:\Program Files\Browny02\Brother\BrStMonW.exe [2012-06-06 3076096]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ISUSPM"=C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\WINDOWS\system32\hasplms.exe"="C:\WINDOWS\system32\hasplms.exe:*:Enabled:Sentinel License Manager"
"C:\Program Files\GeusISKN\GeusISKN.exe"="C:\Program Files\GeusISKN\GeusISKN.exe:*:Enabled:GeusISKN"
"C:\Program Files\Bentley\Program\MicroStation\ustation.exe"="C:\Program Files\Bentley\Program\MicroStation\ustation.exe:*:Enabled:MicroStation for Windows x86"
"C:\Program Files\HP\HP Officejet 7500 E910\Bin\FaxApplications.exe"="C:\Program Files\HP\HP Officejet 7500 E910\Bin\FaxApplications.exe:LocalSubNet:Enabled:HP Officejet 7500 E910 FaxApplications"
"C:\Program Files\HP\HP Officejet 7500 E910\Bin\DigitalWizards.exe"="C:\Program Files\HP\HP Officejet 7500 E910\Bin\DigitalWizards.exe:LocalSubNet:Enabled:HP Officejet 7500 E910 DigitalWizards"
"C:\Program Files\HP\HP Officejet 7500 E910\Bin\SendAFax.exe"="C:\Program Files\HP\HP Officejet 7500 E910\Bin\SendAFax.exe:LocalSubNet:Enabled:HP Officejet 7500 E910 SendFaxAppExe"
"C:\Program Files\HP\HP Officejet 7500 E910\Bin\DeviceSetup.exe"="C:\Program Files\HP\HP Officejet 7500 E910\Bin\DeviceSetup.exe:LocalSubNet:Enabled:Instalace zařízení HP (HP Officejet 7500 E910)"
"C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe"="C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:Síťový komunikační program HP (HP Officejet 7500 E910)"
"C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicatorCom.exe"="C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicatorCom.exe:LocalSubNet:Enabled:Síťový komunikační program HP COM (HP Officejet 7500 E910)"
"C:\Program Files\Brother\Brmfl10g\FAXRX.exe"="C:\Program Files\Brother\Brmfl10g\FAXRX.exe:*:Enabled:FAXRX.EXE"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm

======File associations======

.scr - open -
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-02-17 18:36:12 ----D---- C:\Program Files\trend micro
2014-02-17 18:36:11 ----D---- C:\rsit
2014-02-17 18:07:22 ----A---- C:\WINDOWS\zoek-delete.exe
2014-02-17 18:07:21 ----D---- C:\WINDOWS\Temp
2014-02-17 17:58:24 ----D---- C:\zoek
2014-02-17 17:30:31 ----D---- C:\zoek_backup
2014-02-17 16:20:09 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2014-02-17 15:48:00 ----D---- C:\WINDOWS\ERUNT
2014-02-17 09:38:11 ----D---- C:\FRST
2014-02-16 16:43:41 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
2014-02-16 16:43:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-02-16 16:07:42 ----D---- C:\AdwCleaner
2014-02-16 15:21:35 ----D---- C:\Program Files\Google
2014-02-15 07:27:07 ----D---- C:\Program Files\Mozilla Firefox
2014-02-13 19:21:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2916036$
2014-01-31 15:17:04 ----D---- C:\Program Files\MIKSOFT
2014-01-31 15:13:27 ----D---- C:\Program Files\Abyssmedia
2014-01-28 09:52:33 ----D---- C:\WINDOWS\Minidump
2014-01-24 18:37:23 ----D---- C:\WINDOWS\Sun
2014-01-24 18:36:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2014-01-24 18:36:04 ----D---- C:\Program Files\Common Files\Java
2014-01-24 18:36:01 ----A---- C:\WINDOWS\system32\javaws.exe
2014-01-24 18:35:56 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-24 18:35:56 ----A---- C:\WINDOWS\system32\javaw.exe
2014-01-24 18:35:56 ----A---- C:\WINDOWS\system32\java.exe
2014-01-24 18:35:41 ----D---- C:\Program Files\Java
2014-01-24 18:33:17 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Sun
2014-01-22 09:28:09 ----A---- C:\WINDOWS\IE4 Error Log.txt
2014-01-21 14:03:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\IsolatedStorage
2014-01-21 14:03:02 ----D---- C:\Documents and Settings\Administrator\Data aplikací\IsolatedStorage
2014-01-21 13:58:24 ----D---- C:\Spacekace

======List of files/folders modified in the last 1 month======

2014-02-18 10:26:53 ----D---- C:\WINDOWS\system32
2014-02-18 10:26:21 ----A---- C:\WINDOWS\wincmd.ini
2014-02-18 10:25:51 ----D---- C:\WINDOWS\system32\drivers
2014-02-18 10:23:28 ----D---- C:\WINDOWS\system32\CatRoot2
2014-02-18 10:22:18 ----RD---- C:\Program Files
2014-02-18 08:26:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-02-17 18:08:45 ----D---- C:\WINDOWS
2014-02-17 17:46:04 ----D---- C:\WINDOWS\system32\drivers\etc
2014-02-17 16:26:44 ----D---- C:\WINDOWS\Prefetch
2014-02-17 16:21:52 ----D---- C:\Program Files\SpeedFan
2014-02-16 17:01:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-02-16 16:59:55 ----D---- C:\Documents and Settings\Administrator\Data aplikací\amazon
2014-02-16 15:31:03 ----SHD---- C:\WINDOWS\Installer
2014-02-16 15:22:07 ----HD---- C:\Config.Msi
2014-02-16 15:21:39 ----SD---- C:\WINDOWS\Tasks
2014-02-16 11:53:28 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-02-15 10:32:03 ----D---- C:\Program Files\GeusISKN
2014-02-14 11:43:12 ----RSD---- C:\WINDOWS\assembly
2014-02-14 11:43:12 ----D---- C:\WINDOWS\Microsoft.NET
2014-02-13 19:21:38 ----HD---- C:\WINDOWS\inf
2014-02-13 19:21:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-02-13 19:13:36 ----D---- C:\WINDOWS\WinSxS
2014-02-13 19:13:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-13 19:09:05 ----D---- C:\WINDOWS\system32\MRT
2014-02-13 19:06:32 ----A---- C:\WINDOWS\system32\MRT.exe
2014-02-13 18:59:29 ----A---- C:\WINDOWS\imsins.BAK
2014-02-13 18:59:25 ----D---- C:\Program Files\Internet Explorer
2014-02-13 18:59:16 ----D---- C:\WINDOWS\ie8updates
2014-02-07 11:38:53 ----D---- C:\Program Files\Geometr170
2014-02-07 11:35:49 ----D---- C:\Program Files\Geus180
2014-02-07 11:35:40 ----D---- C:\Program Files\GeusPrint
2014-02-07 09:17:12 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-07 09:00:22 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-02-06 04:38:36 ----A---- C:\WINDOWS\system32\wininet.dll
2014-02-06 00:08:34 ----N---- C:\WINDOWS\system32\occache.dll
2014-02-06 00:08:34 ----N---- C:\WINDOWS\system32\mstime.dll
2014-02-06 00:08:34 ----N---- C:\WINDOWS\system32\mshtmled.dll
2014-02-06 00:08:34 ----N---- C:\WINDOWS\system32\licmgr10.dll
2014-02-06 00:08:34 ----N---- C:\WINDOWS\system32\jsproxy.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\url.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-02-06 00:08:33 ----N---- C:\WINDOWS\system32\iepeers.dll
2014-02-06 00:08:33 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2014-02-06 00:08:33 ----N---- C:\WINDOWS\system32\corpol.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-02-05 23:24:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2014-02-03 18:52:09 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-01-24 18:36:04 ----D---- C:\Program Files\Common Files
2014-01-21 13:25:02 ----D---- C:\Program Files\Adobe
2014-01-20 20:26:16 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-11-14 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-01-01 180248]
R0 d347bus;d347bus; C:\WINDOWS\system32\DRIVERS\d347bus.sys [2004-08-22 155136]
R0 d347prt;d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [2004-08-22 5248]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2012-12-29 24184]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AsrAppCharger;AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [2011-11-07 15656]
R1 aswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aksfridge;Sentinel Fridge; C:\WINDOWS\system32\DRIVERS\aksfridge.sys [2012-06-28 362496]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R3 akshasp;SafeNet Inc. HASP Key; C:\WINDOWS\system32\DRIVERS\akshasp.sys [2009-03-13 238208]
R3 akshhl;SafeNet Inc. Sentinel HL Key; C:\WINDOWS\system32\DRIVERS\akshhl.sys [2011-08-25 46720]
R3 aksusb;SafeNet Inc. USB Key; C:\WINDOWS\system32\DRIVERS\aksusb.sys [2012-06-06 289152]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2005-05-12 1332544]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-02-18 7435392]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 ALSysIO;ALSysIO; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ALSysIO.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-07 50344]
R2 hasplms;Sentinel Local License Manager; C:\WINDOWS\system32\hasplms.exe [2012-06-28 4941768]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-01-24 182696]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-02-18 155716]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-09 144672]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 BrYNSvc;BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [2012-06-05 266240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-16 116648]
S2 PirritDesktop;PirritDesktop; C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor\PirritService.exe [2014-02-14 52568]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-07 257928]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-16 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-15 118896]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

momentálně se problém neprojevuje...

Stáhni OTM z jednoho odkazu a rozbal nejlépe na plochu.
http://oldtimer.geekstogo.com/OTM.exe
http://www.itxassociates.com/OT-Tools/OTM.exe

Spusť program „OTM.exe“ (pro Vistu a Win7 – pravým a „Run As Administrator“).
Do okna pod žlutou čáru vlož celý text zeleným písmem ze „Scriptu“

Klikni na červené „MoveIt!“

Při nabídce restartu „YES“
a log potom najdeš v C:\_OTM\MovedFiles\ - dej mi ho sem na kontrolu

Script OTM

Kód: Vybrat vše

:Commands
[resethosts]
[emptytemp]
[emptyflash]
[emptyjava]

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\Program Files\trend micro
C:\rsit
C:\WINDOWS\zoek-delete.exe
C:\zoek
C:\zoek_backup
C:\FRST
C:\AdwCleaner
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PirritSuggestor
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Adobe Flash Player Updater.job

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

:Services
PirritDesktop

VIRY.CZ

1place.org

1place.org

Re: 1place.org

Re: 1place.org

Re: 1place.org

Re: 1place.org

Re: 1place.org

Re: 1place.org

Re: 1place.org

Re: 1place.org

Re: 1place.org

Re: 1place.org

Re: 1place.org

Re: 1place.org

Re: 1place.org

Re: 1place.org