VIRY.CZ

Dobry den, nachytal jsem nekde tohoto smejda a nemuzu se ho zbavit, prosim proto o pomoc...dekuji pekne

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-02-2014 02
Ran by xp (administrator) on CX on 27-02-2014 21:32:46
Running from C:\Documents and Settings\xp\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) c:\program files\idt\wdm\stacsv.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Pandora.TV) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
(PandoraTV) C:\Program Files\PANDORA.TV\PanService\PanProcess.exe
(Andrea Electronics Corporation) C:\WINDOWS\system32\AESTFltr.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\redirector.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
(Google Inc.) C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\rapimgr.exe
(ZONER software) C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\Receiver\Receiver.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-09] (IDT, Inc.)
HKLM\...\Run: [AESTFltr] - C:\WINDOWS\system32\AESTFltr.exe [737280 2009-07-07] (Andrea Electronics Corporation)
HKLM\...\Run: [ConnectionCenter] - C:\Program Files\Citrix\ICA Client\redirector.exe [128960 2011-08-11] (Citrix Systems, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKU\.DEFAULT\...\Run: [DWQueuedReporting] - C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434080 2011-07-27] (Microsoft Corporation)
HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Run: [H/PC Connection Agent] - C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Run: [Google+ Auto Backup] - C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619096 2014-01-06] (Google Inc.)
HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://cag.o2.cz/vpn/index.html
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = http://isearch.glarysoft.com/?q={search ... c=iesearch
SearchScopes: HKCU - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL =
BHO: CtxIEInterceptorBHO Class - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files\Citrix\ICA Client\IEInterceptor.dll (Citrix Systems, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome:
=======
CHR HomePage: hxxp://www.facebook.com/
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Citrix ICA Client) - C:\Program Files\Mozilla Firefox\plugins\npicaN.dll (Citrix Systems, Inc.)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Extension: (GC little helper) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aimnideehoepfoiniigacdpefnlngnob [2013-02-07]
CHR Extension: (Xmarks Bookmark Sync) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2013-06-29]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-07]
CHR Extension: (Disk Google) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-07]
CHR Extension: (YouTube) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-07]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-07]
CHR Extension: (Photo Zoom for Facebook) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2013-02-07]
CHR Extension: (Easy Torrent Support) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gpbcafcjfgbnjobffeemfcdbcblkkgeg [2014-01-31]
CHR Extension: (LastPass: Free Password Manager) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-06-29]
CHR Extension: (PDF Mergy) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2014-01-15]
CHR Extension: (GC Bag-o-Tricks) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hhmlmafecblgdgikjiplogaeonnhpgdf [2013-02-07]
CHR Extension: (Google Keep) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2013-10-07]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-07]

========================== Services (Whitelisted) =================

R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182184 2013-07-16] (Oracle Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 STacSV; c:\program files\idt\wdm\stacsv.exe [229458 2010-03-09] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

R3 AESTAud; C:\WINDOWS\System32\drivers\AESTAud.sys [113664 2009-04-21] (Andrea Electronics Corporation)
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2649216 2010-10-29] (Broadcom Corporation)
S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [57536 2008-03-13] (FTDI Ltd.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1656499 2010-03-09] (IDT, Inc.)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation)
S4 IntelIde; No ImagePath

========================== Drivers MD5 =======================

C:\WINDOWS\System32\DRIVERS\i8042prt.sys C528E27945367191E7BAE364930B6932
C:\WINDOWS\System32\DRIVERS\igxpmp32.sys C0255E6F43DBDE7F20637A039075318D
C:\WINDOWS\System32\drivers\iastor.sys D483687EACE0C065EE772481A96E05F5
C:\WINDOWS\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\WINDOWS\System32\drivers\IntcHdmi.sys F5C70E41B19D33CC764998786AB74165
C:\WINDOWS\System32\DRIVERS\intelppm.sys 27B290D632AF2CF3CF40BFDDB7370985
C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\WINDOWS\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\WINDOWS\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\WINDOWS\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\WINDOWS\System32\DRIVERS\irda.sys ACA5E7B54409F9CB5EED97ED0C81120E
C:\WINDOWS\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\WINDOWS\System32\DRIVERS\isapnp.sys CC9F8A2D60AED1A51A3AC34C59B987AE
C:\WINDOWS\System32\DRIVERS\kbdclass.sys 1B6162FE7F66B1A71A4B70F941C4AA9B
C:\WINDOWS\System32\DRIVERS\kbdhid.sys 86C8F23616C6C6E5B2776901C17B945B
C:\WINDOWS\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\WINDOWS\system32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1
C:\WINDOWS\system32\drivers\mbam.sys 4470E3C1E0C3378E4CAB137893C12C3A
C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\WINDOWS\system32\Drivers\Modem.sys 44032B0C6D9954D3FD26438330B99EE7
C:\WINDOWS\System32\DRIVERS\mouclass.sys 4CB582831DBDE63CE43B45D771218374
C:\WINDOWS\System32\DRIVERS\mouhid.sys BB269EBA740737AB749B214D568B6812
C:\WINDOWS\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\WINDOWS\System32\DRIVERS\MpFilter.sys E77DC03DD3C8E5A388BF9EED2A28F3D1
C:\WINDOWS\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0
C:\WINDOWS\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\WINDOWS\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\WINDOWS\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\WINDOWS\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\WINDOWS\system32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5
C:\WINDOWS\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22
C:\WINDOWS\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\WINDOWS\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\WINDOWS\system32\Drivers\NDProxy.sys 2F597BB467E05B1FE3830EABD821B8E0
C:\WINDOWS\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\WINDOWS\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\WINDOWS\System32\DRIVERS\nic1394.sys E9E47CFB2D461FA0FC75B7A74C6383EA
C:\WINDOWS\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\WINDOWS\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\WINDOWS\System32\DRIVERS\ohci1394.sys CA33832DF41AFB202EE7AEB05145922F
C:\WINDOWS\system32\Drivers\Parport.sys 46F8DB73B4A53E543F8E371DC7C75BAE
C:\WINDOWS\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\WINDOWS\system32\Drivers\ParVdm.sys 1FAE19D0457176318BBA4A8795656EBC
C:\WINDOWS\System32\DRIVERS\pci.sys 6CE351D149CB4BEFC702951E471E1730
C:\WINDOWS\System32\DRIVERS\pcmcia.sys 4FC31E6C19A5CE5198B1ABFF94CAE758
C:\WINDOWS\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\WINDOWS\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\WINDOWS\System32\DRIVERS\rasirda.sys 0207D26DDF796A193CCD9F83047BB5FC
C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\WINDOWS\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\WINDOWS\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1
C:\WINDOWS\system32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7
C:\WINDOWS\System32\DRIVERS\redbook.sys 611BFD220305BE3A85AE876EA47D4AA5
C:\WINDOWS\System32\DRIVERS\rimmptsk.sys EA885E7A56F1BE1F14C372337C42FE48
C:\WINDOWS\System32\DRIVERS\sdbus.sys 8D04819A3CE51B9EB47E5689B44D43C4
C:\WINDOWS\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\WINDOWS\System32\DRIVERS\serenum.sys 0F29512CCD6BEAD730039FB4BD2C85CE
C:\WINDOWS\System32\DRIVERS\serial.sys B842729337C9B921615C40D3C1A1AF96
C:\WINDOWS\System32\DRIVERS\sffdisk.sys 0FA803C64DF0914B41F807EA276BF2A6
C:\WINDOWS\System32\DRIVERS\sffp_sd.sys C17C331E435ED8737525C86A7557B3AC
C:\WINDOWS\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\WINDOWS\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\WINDOWS\System32\DRIVERS\sr.sys 94610C8653635E4459316A0050D55CE7
C:\WINDOWS\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7
C:\WINDOWS\System32\DRIVERS\ssudmdm.sys A1CC726323FB41FFD29F436A77237E41
C:\WINDOWS\System32\drivers\sthda.sys C111965A8DBD00768787D807EC3113FF
C:\WINDOWS\System32\DRIVERS\irstusb.sys A1A16662C6B1A665D965D61B9EECC5A7
C:\WINDOWS\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\WINDOWS\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\WINDOWS\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\WINDOWS\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D
C:\WINDOWS\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\WINDOWS\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\WINDOWS\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\WINDOWS\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\WINDOWS\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\WINDOWS\System32\DRIVERS\usbccgp.sys 1B611611C28D2DF25BC057D79C6F13FC
C:\WINDOWS\System32\DRIVERS\usbehci.sys 4BAC8DF07F1D8434FC640E677A62204E
C:\WINDOWS\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\WINDOWS\System32\DRIVERS\usbuhci.sys 26496F9DEE2D787FC3E61AD54821FFE6
C:\WINDOWS\System32\DRIVERS\usb8023x.sys B4D7B7AD8A9F7C063C5CC3E2C1A0724E
C:\WINDOWS\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\WINDOWS\system32\Drivers\VolSnap.sys 28A4B296B47782173C346E376CB374D1
C:\WINDOWS\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\WINDOWS\System32\DRIVERS\wceusbsh.sys 46A247F6617526AFE38B6F12F5512120
C:\WINDOWS\System32\Drivers\wdf01000.sys 4769596D7CC0F5FA447D2BABC239672A
C:\WINDOWS\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
C:\WINDOWS\System32\DRIVERS\WinUSB.sys FD600B032E741EB6AAB509FC630F7C42
C:\WINDOWS\System32\DRIVERS\wmiacpi.sys C42584FD66CE9E17403AEBCA199F7BDB
C:\WINDOWS\System32\drivers\ws2ifsl.sys 6ABE6E225ADB5A751622A9CC3BC19CE8

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-27 21:32 - 2014-02-27 21:33 - 00021991 _____ () C:\Documents and Settings\xp\Plocha\FRST.txt
2014-02-27 21:32 - 2014-02-27 21:32 - 00000000 ____D () C:\FRST
2014-02-27 21:31 - 2014-02-27 21:32 - 01143808 _____ (Farbar) C:\Documents and Settings\xp\Plocha\FRST.exe
2014-02-26 22:43 - 2014-02-26 22:43 - 00000000 ____D () C:\Documents and Settings\xp\Local Settings\Data aplikací\Skype
2014-02-26 22:42 - 2014-02-26 22:42 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-26 22:42 - 2014-02-26 22:42 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
2014-02-26 20:44 - 2014-02-26 20:44 - 00009263 _____ () C:\Documents and Settings\xp\Plocha\hijackthis.log
2014-02-26 20:43 - 2014-02-26 20:43 - 00000512 _____ () C:\Documents and Settings\xp\Plocha\MBR.dat
2014-02-26 20:40 - 2014-02-26 20:40 - 00024694 _____ () C:\Documents and Settings\xp\Plocha\combotxt.txt
2014-02-26 20:31 - 2014-02-26 20:31 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-02-26 13:26 - 2014-02-27 21:10 - 00076580 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-26 13:20 - 2013-01-03 15:51 - 00000211 _____ () C:\Boot.bak
2014-02-26 13:20 - 2004-08-03 23:00 - 00261312 __RSH () C:\cmldr
2014-02-26 13:19 - 2014-02-26 13:20 - 00000000 _RSHD () C:\cmdcons
2014-02-26 13:15 - 2014-02-27 20:26 - 00000000 ____D () C:\WINDOWS\erdnt
2014-02-26 13:15 - 2014-02-26 13:15 - 00000000 ___RD () C:\Documents and Settings\xp\Nabídka Start\Programy\Nástroje pro správu
2014-02-25 08:33 - 2014-02-25 08:33 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-25 08:31 - 2014-02-25 08:31 - 01037734 _____ (Thisisu) C:\Documents and Settings\xp\Plocha\JRT.exe
2014-02-24 10:57 - 2014-02-24 10:57 - 00002185 _____ () C:\Documents and Settings\xp\Plocha\AdwCleaner[R5].txt
2014-02-24 09:13 - 2014-02-24 09:13 - 00000784 _____ () C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2014-02-24 08:49 - 2014-02-24 08:49 - 00056320 _____ () C:\Documents and Settings\xp\Plocha\Docházka 2014 unor.xlsm
2014-02-23 18:53 - 2014-02-26 20:44 - 00002435 _____ () C:\Documents and Settings\xp\Plocha\HiJackThis.lnk
2014-02-23 18:53 - 2014-02-23 18:53 - 00000000 ____D () C:\Program Files\Trend Micro
2014-02-23 18:53 - 2014-02-23 18:53 - 00000000 ____D () C:\Documents and Settings\xp\Nabídka Start\Programy\HiJackThis
2014-02-22 16:54 - 2014-02-22 17:03 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\HitmanPro
2014-02-11 21:13 - 2014-02-11 21:15 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\wainyho pokusy
2014-02-08 09:09 - 2014-02-08 09:09 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
2014-02-06 22:01 - 2014-02-06 22:01 - 00000000 _____ () C:\Documents and Settings\xp\TempWmicBatchFile.bat
2014-02-06 21:58 - 2014-02-06 21:59 - 00010498 _____ () C:\Documents and Settings\All Users\Data aplikací\lpm.dat
2014-02-06 19:19 - 2014-02-06 19:19 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\DDMSettings
2014-02-05 23:01 - 2014-02-05 23:01 - 00000000 ____D () C:\Program Files\FLV Video Player
2014-02-05 22:58 - 2014-02-05 22:58 - 00001427 _____ () C:\Documents and Settings\xp\Plocha\DivX Movies.lnk
2014-02-05 22:58 - 2014-02-05 22:58 - 00000727 _____ () C:\Documents and Settings\All Users\Plocha\DivX Player.lnk
2014-02-05 22:57 - 2014-02-06 21:59 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\DivX
2014-02-05 22:57 - 2014-02-05 22:58 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\DivX
2014-02-05 22:57 - 2014-02-05 22:57 - 00000792 _____ () C:\Documents and Settings\All Users\Plocha\DivX Converter.lnk
2014-02-05 22:56 - 2014-02-05 22:57 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-02-05 22:55 - 2014-02-05 22:58 - 00000000 ____D () C:\Program Files\DivX
2014-02-05 22:54 - 2014-02-05 22:58 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\DivX
2014-02-02 18:10 - 2014-02-02 18:10 - 00000000 ____D () C:\Documents and Settings\All Users\Foxit Software
2014-01-31 07:54 - 2014-01-31 07:54 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\qBittorrent
2014-01-31 07:27 - 2014-01-31 07:27 - 00000000 ____D () C:\Documents and Settings\xp\Local Settings\Data aplikací\Easy BitTorrent Client
2014-01-31 07:27 - 2014-01-31 07:27 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\Easy BitTorrent Client
2014-01-31 07:26 - 2014-01-31 07:26 - 00000000 ____D () C:\Program Files\Product Support
2014-01-31 07:26 - 2014-01-31 07:26 - 00000000 ____D () C:\Program Files\Easy BitTorrent Client
2014-01-30 07:26 - 2014-02-24 10:50 - 01241834 _____ () C:\Documents and Settings\xp\Plocha\adwcleaner (1).exe
2014-01-30 07:26 - 2014-01-30 07:26 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Foxit Reader
2014-01-29 21:32 - 2014-02-19 08:34 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\Daně byt dům

==================== One Month Modified Files and Folders =======

2014-02-27 21:33 - 2014-02-27 21:32 - 00021991 _____ () C:\Documents and Settings\xp\Plocha\FRST.txt
2014-02-27 21:32 - 2014-02-27 21:32 - 00000000 ____D () C:\FRST
2014-02-27 21:32 - 2014-02-27 21:31 - 01143808 _____ (Farbar) C:\Documents and Settings\xp\Plocha\FRST.exe
2014-02-27 21:32 - 2013-01-03 16:00 - 00000000 ____D () C:\Documents and Settings\xp\Plocha
2014-02-27 21:15 - 2014-01-22 15:39 - 00000396 ____H () C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2014-02-27 21:10 - 2014-02-26 13:26 - 00076580 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-27 21:08 - 2013-05-18 22:07 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\Skype
2014-02-27 21:05 - 2013-12-24 08:45 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-02-27 21:05 - 2013-12-24 08:44 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-02-27 21:05 - 2013-01-04 13:56 - 00068376 _____ () C:\Documents and Settings\xp\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2014-02-27 21:05 - 2013-01-03 16:47 - 00270984 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-27 21:05 - 2013-01-03 15:59 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-27 21:04 - 2013-01-03 16:00 - 00000178 ___SH () C:\Documents and Settings\xp\ntuser.ini
2014-02-27 21:04 - 2013-01-03 15:59 - 00032562 _____ () C:\WINDOWS\SchedLgU.Txt
2014-02-27 20:57 - 2013-01-03 15:54 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-02-27 20:55 - 2013-05-18 19:36 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-02-27 20:55 - 2013-05-18 19:36 - 00065536 _____ () C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
2014-02-27 20:55 - 2013-01-31 17:23 - 00065536 _____ () C:\WINDOWS\system32\config\ODiag.evt
2014-02-27 20:55 - 2013-01-04 14:25 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2014-02-27 20:45 - 2013-01-03 16:00 - 00000000 ____D () C:\Documents and Settings\xp
2014-02-27 20:39 - 2013-01-31 13:24 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-27 20:26 - 2014-02-26 13:15 - 00000000 ____D () C:\WINDOWS\erdnt
2014-02-27 07:13 - 2013-01-31 18:41 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\Hokejove listiny
2014-02-26 22:43 - 2014-02-26 22:43 - 00000000 ____D () C:\Documents and Settings\xp\Local Settings\Data aplikací\Skype
2014-02-26 22:43 - 2013-01-03 16:00 - 00000000 ___HD () C:\Documents and Settings\xp\Local Settings\Data aplikací
2014-02-26 22:42 - 2014-02-26 22:42 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-26 22:42 - 2014-02-26 22:42 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
2014-02-26 22:42 - 2013-12-18 21:05 - 00000000 ___RD () C:\Program Files\Skype
2014-02-26 22:42 - 2013-01-31 13:26 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Skype
2014-02-26 22:42 - 2013-01-03 16:48 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-02-26 20:44 - 2014-02-26 20:44 - 00009263 _____ () C:\Documents and Settings\xp\Plocha\hijackthis.log
2014-02-26 20:44 - 2014-02-23 18:53 - 00002435 _____ () C:\Documents and Settings\xp\Plocha\HiJackThis.lnk
2014-02-26 20:43 - 2014-02-26 20:43 - 00000512 _____ () C:\Documents and Settings\xp\Plocha\MBR.dat
2014-02-26 20:40 - 2014-02-26 20:40 - 00024694 _____ () C:\Documents and Settings\xp\Plocha\combotxt.txt
2014-02-26 20:33 - 2008-04-14 08:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-02-26 20:32 - 2013-01-03 16:47 - 28573696 _____ () C:\WINDOWS\system32\config\software.bak
2014-02-26 20:32 - 2013-01-03 16:47 - 04718592 _____ () C:\WINDOWS\system32\config\system.bak
2014-02-26 20:32 - 2013-01-03 16:47 - 00524288 _____ () C:\WINDOWS\system32\config\default.bak
2014-02-26 20:32 - 2013-01-03 16:47 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-02-26 20:32 - 2013-01-03 16:47 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-02-26 20:31 - 2014-02-26 20:31 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-02-26 20:26 - 2013-01-03 16:00 - 00000000 ___RD () C:\Documents and Settings\xp\Data aplikací
2014-02-26 13:31 - 2013-01-03 15:59 - 00000000 ___SD () C:\Documents and Settings\LocalService
2014-02-26 13:20 - 2014-02-26 13:19 - 00000000 _RSHD () C:\cmdcons
2014-02-26 13:20 - 2013-01-03 16:47 - 00000327 __RSH () C:\boot.ini
2014-02-26 13:15 - 2014-02-26 13:15 - 00000000 ___RD () C:\Documents and Settings\xp\Nabídka Start\Programy\Nástroje pro správu
2014-02-26 13:15 - 2013-01-03 16:00 - 00000000 ___RD () C:\Documents and Settings\xp\Nabídka Start\Programy
2014-02-26 08:11 - 2013-01-03 16:00 - 00000000 ___RD () C:\Documents and Settings\xp\Nabídka Start\Programy\Po spuštění
2014-02-25 08:33 - 2014-02-25 08:33 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-25 08:31 - 2014-02-25 08:31 - 01037734 _____ (Thisisu) C:\Documents and Settings\xp\Plocha\JRT.exe
2014-02-24 23:26 - 2013-10-26 10:29 - 00000000 ____D () C:\AdwCleaner
2014-02-24 23:26 - 2013-01-03 16:00 - 00000000 ___RD () C:\Documents and Settings\xp\Dokumenty
2014-02-24 10:57 - 2014-02-24 10:57 - 00002185 _____ () C:\Documents and Settings\xp\Plocha\AdwCleaner[R5].txt
2014-02-24 10:50 - 2014-01-30 07:26 - 01241834 _____ () C:\Documents and Settings\xp\Plocha\adwcleaner (1).exe
2014-02-24 10:42 - 2013-01-03 16:48 - 01130370 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-24 09:49 - 2013-01-03 16:48 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-02-24 09:31 - 2013-01-04 14:25 - 00000000 __HDC () C:\WINDOWS\ie8
2014-02-24 09:13 - 2014-02-24 09:13 - 00000784 _____ () C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2014-02-24 09:13 - 2013-04-27 15:09 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-24 09:13 - 2013-04-27 15:09 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2014-02-24 08:49 - 2014-02-24 08:49 - 00056320 _____ () C:\Documents and Settings\xp\Plocha\Docházka 2014 unor.xlsm
2014-02-23 18:53 - 2014-02-23 18:53 - 00000000 ____D () C:\Program Files\Trend Micro
2014-02-23 18:53 - 2014-02-23 18:53 - 00000000 ____D () C:\Documents and Settings\xp\Nabídka Start\Programy\HiJackThis
2014-02-22 17:27 - 2013-04-27 09:20 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-22 17:03 - 2014-02-22 16:54 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\HitmanPro
2014-02-22 16:54 - 2013-01-03 16:48 - 00000000 ___RD () C:\Documents and Settings\All Users\Data aplikací
2014-02-22 08:39 - 2013-12-11 20:39 - 17858952 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-02-22 08:39 - 2013-01-31 13:24 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-22 08:39 - 2013-01-31 13:24 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-19 08:34 - 2014-01-29 21:32 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\Daně byt dům
2014-02-19 08:33 - 2013-11-01 19:20 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\aaaaroot
2014-02-19 08:32 - 2013-07-17 07:06 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\rwe
2014-02-15 07:24 - 2013-05-12 16:31 - 00000000 ____D () C:\Program Files\The KMPlayer
2014-02-14 20:55 - 2013-01-03 16:00 - 00000000 ___RD () C:\Documents and Settings\xp\Dokumenty\Obrázky
2014-02-13 07:11 - 2013-06-29 07:35 - 00000000 ____D () C:\Program Files\Aurora
2014-02-11 21:15 - 2014-02-11 21:13 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\wainyho pokusy
2014-02-08 09:09 - 2014-02-08 09:09 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
2014-02-08 09:09 - 2013-01-03 15:59 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Local Settings\Data aplikací
2014-02-07 18:43 - 2013-03-14 22:15 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\foobar2000
2014-02-06 22:01 - 2014-02-06 22:01 - 00000000 _____ () C:\Documents and Settings\xp\TempWmicBatchFile.bat
2014-02-06 21:59 - 2014-02-06 21:58 - 00010498 _____ () C:\Documents and Settings\All Users\Data aplikací\lpm.dat
2014-02-06 21:59 - 2014-02-05 22:57 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\DivX
2014-02-06 19:19 - 2014-02-06 19:19 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\DDMSettings
2014-02-05 23:01 - 2014-02-05 23:01 - 00000000 ____D () C:\Program Files\FLV Video Player
2014-02-05 22:58 - 2014-02-05 22:58 - 00001427 _____ () C:\Documents and Settings\xp\Plocha\DivX Movies.lnk
2014-02-05 22:58 - 2014-02-05 22:58 - 00000727 _____ () C:\Documents and Settings\All Users\Plocha\DivX Player.lnk
2014-02-05 22:58 - 2014-02-05 22:57 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\DivX
2014-02-05 22:58 - 2014-02-05 22:55 - 00000000 ____D () C:\Program Files\DivX
2014-02-05 22:58 - 2014-02-05 22:54 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\DivX
2014-02-05 22:58 - 2013-09-12 17:00 - 00000000 ___RD () C:\Documents and Settings\xp\Dokumenty\Filmy
2014-02-05 22:57 - 2014-02-05 22:57 - 00000792 _____ () C:\Documents and Settings\All Users\Plocha\DivX Converter.lnk
2014-02-05 22:57 - 2014-02-05 22:56 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-02-03 07:11 - 2013-01-31 18:25 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\Sitel
2014-02-02 18:10 - 2014-02-02 18:10 - 00000000 ____D () C:\Documents and Settings\All Users\Foxit Software
2014-01-31 07:54 - 2014-01-31 07:54 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\qBittorrent
2014-01-31 07:27 - 2014-01-31 07:27 - 00000000 ____D () C:\Documents and Settings\xp\Local Settings\Data aplikací\Easy BitTorrent Client
2014-01-31 07:27 - 2014-01-31 07:27 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\Easy BitTorrent Client
2014-01-31 07:26 - 2014-01-31 07:26 - 00000000 ____D () C:\Program Files\Product Support
2014-01-31 07:26 - 2014-01-31 07:26 - 00000000 ____D () C:\Program Files\Easy BitTorrent Client
2014-01-30 07:26 - 2014-01-30 07:26 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Foxit Reader
2014-01-30 07:26 - 2013-02-11 12:30 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\Foxit Software

Files to move or delete:
====================
C:\Documents and Settings\xp\TempWmicBatchFile.bat


Some content of TEMP:
====================
C:\Documents and Settings\xp\Local Settings\temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2008-04-14 08:00] - [2008-04-14 08:00] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\WINDOWS\system32\winlogon.exe
[2008-04-14 08:00] - [2008-04-14 08:00] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\WINDOWS\system32\svchost.exe
[2008-04-14 08:00] - [2008-04-14 08:00] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\WINDOWS\system32\services.exe
[2008-04-14 08:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\WINDOWS\system32\User32.dll
[2008-04-14 08:00] - [2008-04-14 08:00] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\WINDOWS\system32\userinit.exe
[2008-04-14 08:00] - [2008-04-14 08:00] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys
[2008-04-14 08:00] - [2008-04-14 08:00] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Diky za rychlou reakci

# AdwCleaner v3.020 - Report created 27/02/2014 at 22:05:07
# Updated 27/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : xp - CX
# Running from : C:\Documents and Settings\xp\Plocha\adwcleaner (2).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Google Chrome v33.0.1750.117

[ File : C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1454 octets] - [26/10/2013 10:29:58]
AdwCleaner[R1].txt - [1132 octets] - [30/01/2014 07:27:45]
AdwCleaner[R2].txt - [1448 octets] - [13/02/2014 07:12:59]
AdwCleaner[R3].txt - [1193 octets] - [22/02/2014 17:03:33]
AdwCleaner[R4].txt - [1313 octets] - [24/02/2014 08:53:37]
AdwCleaner[R5].txt - [2185 octets] - [24/02/2014 10:52:03]
AdwCleaner[R6].txt - [2245 octets] - [24/02/2014 23:24:09]
AdwCleaner[R7].txt - [1517 octets] - [27/02/2014 22:03:57]
AdwCleaner[S0].txt - [1533 octets] - [26/10/2013 10:31:32]
AdwCleaner[S1].txt - [1198 octets] - [30/01/2014 07:29:03]
AdwCleaner[S2].txt - [1440 octets] - [13/02/2014 07:14:07]
AdwCleaner[S3].txt - [1257 octets] - [22/02/2014 17:05:00]
AdwCleaner[S4].txt - [2334 octets] - [24/02/2014 23:26:20]
AdwCleaner[S5].txt - [1438 octets] - [27/02/2014 22:05:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1498 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Microsoft Windows XP x86
Ran by xp on čt 27-02-14 at 21:55:16.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on čt 27-02-14 at 21:58:51.00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by xp on čt 27-02-14 at 23:15:06.71.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\xp\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27-2-14 23:15:41 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Documents and Settings\xp\daemonprocess.txt deleted
C:\Documents and Settings\xp\.android deleted
C:\Program Files\Wise\Wise Registry Cleaner deleted
C:\found.000 deleted
C:\found.001 deleted
C:\Documents and Settings\xp\TempWmicBatchFile.bat deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\lpm.dat deleted
C:\Documents and Settings\xp\Local Settings\Data aplikací\cache deleted
"C:\WINDOWS\Installer\20f5c3.msi" deleted
"C:\Documents and Settings\xp\Data aplikací\Outlook" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [24-02-13 23:25]

==== Chrome Look ======================

GC little helper - xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aimnideehoepfoiniigacdpefnlngnob
Photo Zoom for Facebook - xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi
Easy Torrent Support - xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gpbcafcjfgbnjobffeemfcdbcblkkgeg
LastPass - xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd
PDF Mergy - xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha
GC Bag-o-Tricks - xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hhmlmafecblgdgikjiplogaeonnhpgdf

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://cag.o2.cz/vpn/index.html"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://cag.o2.cz/vpn/index.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"
{0C3F859E-B79A-4C17-B214-213E73AF2A20} Google Url="http://www.google.com/search?q={searchT ... f8&oe=utf8"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{c1d89ae7-449d-4929-b24b-fded04adbe06} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1202660629-2147154659-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C059F0AE629D66346AC0E9B717BDF12F deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EA0F950C-D926-4366-A60C-9E7B71DB1FF2} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\C059F0AE629D66346AC0E9B717BDF12F deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\xp\Local Settings\Temporary Internet Files\Content.IE5\LM6YEFXN will be deleted at reboot
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\xp\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=615 folders=26 18676718 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\LocalService\Local Settings\temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\temp emptied successfully
C:\Documents and Settings\xp\Local Settings\temp will be emptied at reboot
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\xp\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\xp\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\xp\Local Settings\Temporary Internet Files\Content.IE5\LM6YEFXN" not found

==== EOF on źt 27-02-14 at 23:24:31.17 ======================

Dejte novy log z FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-03-2014
Ran by xp (administrator) on CX on 01-03-2014 23:11:44
Running from C:\Documents and Settings\xp\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) c:\program files\idt\wdm\stacsv.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Pandora.TV) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
(PandoraTV) C:\Program Files\PANDORA.TV\PanService\PanProcess.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Andrea Electronics Corporation) C:\WINDOWS\system32\AESTFltr.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\redirector.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
(Google Inc.) C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(ZONER software) C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\rapimgr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-09] (IDT, Inc.)
HKLM\...\Run: [AESTFltr] - C:\WINDOWS\system32\AESTFltr.exe [737280 2009-07-07] (Andrea Electronics Corporation)
HKLM\...\Run: [ConnectionCenter] - C:\Program Files\Citrix\ICA Client\redirector.exe [128960 2011-08-11] (Citrix Systems, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKU\.DEFAULT\...\Run: [DWQueuedReporting] - C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434080 2011-07-27] (Microsoft Corporation)
HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Run: [H/PC Connection Agent] - C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Run: [Google+ Auto Backup] - C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619096 2014-01-06] (Google Inc.)
HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://cag.o2.cz/vpn/index.html
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: CtxIEInterceptorBHO Class - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files\Citrix\ICA Client\IEInterceptor.dll (Citrix Systems, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome:
=======
CHR HomePage: https://www.facebook.com/login.php?login_attempt=1
CHR Extension: (LastPass: Free Password Manager) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-02-28]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]

========================== Services (Whitelisted) =================

R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182184 2013-07-16] (Oracle Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 STacSV; c:\program files\idt\wdm\stacsv.exe [229458 2010-03-09] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

R3 AESTAud; C:\WINDOWS\System32\drivers\AESTAud.sys [113664 2009-04-21] (Andrea Electronics Corporation)
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2649216 2010-10-29] (Broadcom Corporation)
S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [57536 2008-03-13] (FTDI Ltd.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1656499 2010-03-09] (IDT, Inc.)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation)
S4 IntelIde; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-01 23:11 - 2014-03-01 23:12 - 00010263 _____ () C:\Documents and Settings\xp\Plocha\FRST.txt
2014-03-01 23:11 - 2014-03-01 23:11 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\FRST-OlderVersion
2014-03-01 20:45 - 2014-03-01 20:45 - 00696390 _____ () C:\Documents and Settings\xp\Plocha\kocka.bmp
2014-03-01 15:44 - 2014-03-01 15:44 - 00000396 ____H () C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2014-03-01 15:30 - 2014-03-01 15:30 - 00001238 _____ () C:\Documents and Settings\xp\Plocha\VIRTPT.txt
2014-03-01 13:47 - 2014-03-01 13:47 - 00000000 ____D () C:\_OTL
2014-02-28 18:44 - 2014-02-28 18:44 - 00100278 _____ () C:\Documents and Settings\xp\Plocha\OTL.Txt
2014-02-28 18:44 - 2014-02-28 18:44 - 00039890 _____ () C:\Documents and Settings\xp\Plocha\Extras.Txt
2014-02-28 18:35 - 2014-02-28 18:35 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\xp\Plocha\OTL.exe
2014-02-27 23:15 - 2014-02-27 23:24 - 00008527 _____ () C:\zoek-results.log
2014-02-27 23:15 - 2014-02-27 23:21 - 00000000 ____D () C:\zoek_backup
2014-02-27 21:53 - 2014-02-27 21:54 - 01244192 _____ () C:\Documents and Settings\xp\Plocha\adwcleaner (2).exe
2014-02-27 21:32 - 2014-03-01 23:11 - 00000000 ____D () C:\FRST
2014-02-27 21:31 - 2014-03-01 23:11 - 01144320 _____ (Farbar) C:\Documents and Settings\xp\Plocha\FRST.exe
2014-02-26 22:43 - 2014-02-26 22:43 - 00000000 ____D () C:\Documents and Settings\xp\Local Settings\Data aplikací\Skype
2014-02-26 22:42 - 2014-02-26 22:42 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-26 22:42 - 2014-02-26 22:42 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
2014-02-26 20:43 - 2014-02-26 20:43 - 00000512 _____ () C:\Documents and Settings\xp\Plocha\MBR.dat
2014-02-26 20:31 - 2014-02-26 20:31 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-02-26 13:26 - 2014-03-01 15:38 - 00154449 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-26 13:20 - 2013-01-03 15:51 - 00000211 _____ () C:\Boot.bak
2014-02-26 13:20 - 2004-08-03 23:00 - 00261312 __RSH () C:\cmldr
2014-02-26 13:19 - 2014-02-26 13:20 - 00000000 _RSHD () C:\cmdcons
2014-02-26 13:15 - 2014-02-27 20:26 - 00000000 ____D () C:\WINDOWS\erdnt
2014-02-26 13:15 - 2014-02-26 13:15 - 00000000 ___RD () C:\Documents and Settings\xp\Nabídka Start\Programy\Nástroje pro správu
2014-02-25 08:33 - 2014-02-25 08:33 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-25 08:31 - 2014-02-27 21:53 - 01037734 _____ (Thisisu) C:\Documents and Settings\xp\Plocha\JRT.exe
2014-02-24 09:13 - 2014-02-24 09:13 - 00000784 _____ () C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2014-02-24 08:49 - 2014-02-24 08:49 - 00056320 _____ () C:\Documents and Settings\xp\Plocha\Docházka 2014 unor.xlsm
2014-02-23 18:53 - 2014-02-26 20:44 - 00002435 _____ () C:\Documents and Settings\xp\Plocha\HiJackThis.lnk
2014-02-23 18:53 - 2014-02-23 18:53 - 00000000 ____D () C:\Program Files\Trend Micro
2014-02-23 18:53 - 2014-02-23 18:53 - 00000000 ____D () C:\Documents and Settings\xp\Nabídka Start\Programy\HiJackThis
2014-02-22 16:54 - 2014-02-22 17:03 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\HitmanPro
2014-02-11 21:13 - 2014-02-11 21:15 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\wainyho pokusy
2014-02-08 09:09 - 2014-02-08 09:09 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
2014-02-06 19:19 - 2014-02-06 19:19 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\DDMSettings
2014-02-05 23:01 - 2014-02-05 23:01 - 00000000 ____D () C:\Program Files\FLV Video Player
2014-02-05 22:58 - 2014-02-05 22:58 - 00001427 _____ () C:\Documents and Settings\xp\Plocha\DivX Movies.lnk
2014-02-05 22:58 - 2014-02-05 22:58 - 00000727 _____ () C:\Documents and Settings\All Users\Plocha\DivX Player.lnk
2014-02-05 22:57 - 2014-02-06 21:59 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\DivX
2014-02-05 22:57 - 2014-02-05 22:58 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\DivX
2014-02-05 22:57 - 2014-02-05 22:57 - 00000792 _____ () C:\Documents and Settings\All Users\Plocha\DivX Converter.lnk
2014-02-05 22:56 - 2014-02-05 22:57 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-02-05 22:55 - 2014-02-05 22:58 - 00000000 ____D () C:\Program Files\DivX
2014-02-05 22:54 - 2014-02-05 22:58 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\DivX
2014-02-02 18:10 - 2014-02-02 18:10 - 00000000 ____D () C:\Documents and Settings\All Users\Foxit Software
2014-01-31 07:54 - 2014-01-31 07:54 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\qBittorrent
2014-01-31 07:27 - 2014-01-31 07:27 - 00000000 ____D () C:\Documents and Settings\xp\Local Settings\Data aplikací\Easy BitTorrent Client
2014-01-31 07:27 - 2014-01-31 07:27 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\Easy BitTorrent Client
2014-01-31 07:26 - 2014-01-31 07:26 - 00000000 ____D () C:\Program Files\Product Support
2014-01-31 07:26 - 2014-01-31 07:26 - 00000000 ____D () C:\Program Files\Easy BitTorrent Client
2014-01-30 07:26 - 2014-02-24 10:50 - 01241834 _____ () C:\Documents and Settings\xp\Plocha\adwcleaner (1).exe
2014-01-30 07:26 - 2014-01-30 07:26 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Foxit Reader

==================== One Month Modified Files and Folders =======

2014-03-01 23:12 - 2014-03-01 23:11 - 00010263 _____ () C:\Documents and Settings\xp\Plocha\FRST.txt
2014-03-01 23:11 - 2014-03-01 23:11 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\FRST-OlderVersion
2014-03-01 23:11 - 2014-02-27 21:32 - 00000000 ____D () C:\FRST
2014-03-01 23:11 - 2014-02-27 21:31 - 01144320 _____ (Farbar) C:\Documents and Settings\xp\Plocha\FRST.exe
2014-03-01 23:11 - 2013-01-03 16:00 - 00000000 ____D () C:\Documents and Settings\xp\Plocha
2014-03-01 22:39 - 2013-01-31 18:41 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\Hokejove listiny
2014-03-01 22:35 - 2013-05-18 22:07 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\Skype
2014-03-01 20:45 - 2014-03-01 20:45 - 00696390 _____ () C:\Documents and Settings\xp\Plocha\kocka.bmp
2014-03-01 15:44 - 2014-03-01 15:44 - 00000396 ____H () C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2014-03-01 15:38 - 2014-02-26 13:26 - 00154449 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-01 15:35 - 2013-12-24 08:45 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-01 15:35 - 2013-12-24 08:44 - 00000000 _____ () C:\WINDOWS\wiaservc.log
2014-03-01 15:34 - 2013-01-03 15:59 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-01 15:33 - 2013-01-03 16:00 - 00000178 ___SH () C:\Documents and Settings\xp\ntuser.ini
2014-03-01 15:33 - 2013-01-03 15:59 - 00032562 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-01 15:30 - 2014-03-01 15:30 - 00001238 _____ () C:\Documents and Settings\xp\Plocha\VIRTPT.txt
2014-03-01 13:47 - 2014-03-01 13:47 - 00000000 ____D () C:\_OTL
2014-02-28 18:44 - 2014-02-28 18:44 - 00100278 _____ () C:\Documents and Settings\xp\Plocha\OTL.Txt
2014-02-28 18:44 - 2014-02-28 18:44 - 00039890 _____ () C:\Documents and Settings\xp\Plocha\Extras.Txt
2014-02-28 18:35 - 2014-02-28 18:35 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\xp\Plocha\OTL.exe
2014-02-27 23:24 - 2014-02-27 23:15 - 00008527 _____ () C:\zoek-results.log
2014-02-27 23:21 - 2014-02-27 23:15 - 00000000 ____D () C:\zoek_backup
2014-02-27 23:21 - 2013-03-10 07:55 - 00000000 ____D () C:\Program Files\Wise
2014-02-27 23:21 - 2013-01-03 16:48 - 00000000 ___RD () C:\Documents and Settings\All Users\Data aplikací
2014-02-27 23:21 - 2013-01-03 16:00 - 00000000 ___RD () C:\Documents and Settings\xp\Data aplikací
2014-02-27 23:21 - 2013-01-03 16:00 - 00000000 ___HD () C:\Documents and Settings\xp\Local Settings\Data aplikací
2014-02-27 23:21 - 2013-01-03 16:00 - 00000000 ____D () C:\Documents and Settings\xp
2014-02-27 22:05 - 2013-10-26 10:29 - 00000000 ____D () C:\AdwCleaner
2014-02-27 21:54 - 2014-02-27 21:53 - 01244192 _____ () C:\Documents and Settings\xp\Plocha\adwcleaner (2).exe
2014-02-27 21:53 - 2014-02-25 08:31 - 01037734 _____ (Thisisu) C:\Documents and Settings\xp\Plocha\JRT.exe
2014-02-27 21:05 - 2013-01-04 13:56 - 00068376 _____ () C:\Documents and Settings\xp\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2014-02-27 21:05 - 2013-01-03 16:47 - 00270984 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-27 20:57 - 2013-01-03 15:54 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-02-27 20:55 - 2013-05-18 19:36 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-02-27 20:55 - 2013-05-18 19:36 - 00065536 _____ () C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
2014-02-27 20:55 - 2013-01-31 17:23 - 00065536 _____ () C:\WINDOWS\system32\config\ODiag.evt
2014-02-27 20:55 - 2013-01-04 14:25 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2014-02-27 20:26 - 2014-02-26 13:15 - 00000000 ____D () C:\WINDOWS\erdnt
2014-02-26 22:43 - 2014-02-26 22:43 - 00000000 ____D () C:\Documents and Settings\xp\Local Settings\Data aplikací\Skype
2014-02-26 22:42 - 2014-02-26 22:42 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-26 22:42 - 2014-02-26 22:42 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
2014-02-26 22:42 - 2013-12-18 21:05 - 00000000 ___RD () C:\Program Files\Skype
2014-02-26 22:42 - 2013-01-31 13:26 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Skype
2014-02-26 22:42 - 2013-01-03 16:48 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-02-26 20:44 - 2014-02-23 18:53 - 00002435 _____ () C:\Documents and Settings\xp\Plocha\HiJackThis.lnk
2014-02-26 20:43 - 2014-02-26 20:43 - 00000512 _____ () C:\Documents and Settings\xp\Plocha\MBR.dat
2014-02-26 20:33 - 2008-04-14 08:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-02-26 20:32 - 2013-01-03 16:47 - 28573696 _____ () C:\WINDOWS\system32\config\software.bak
2014-02-26 20:32 - 2013-01-03 16:47 - 04718592 _____ () C:\WINDOWS\system32\config\system.bak
2014-02-26 20:32 - 2013-01-03 16:47 - 00524288 _____ () C:\WINDOWS\system32\config\default.bak
2014-02-26 20:32 - 2013-01-03 16:47 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-02-26 20:32 - 2013-01-03 16:47 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-02-26 20:31 - 2014-02-26 20:31 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-02-26 13:31 - 2013-01-03 15:59 - 00000000 ___SD () C:\Documents and Settings\LocalService
2014-02-26 13:20 - 2014-02-26 13:19 - 00000000 _RSHD () C:\cmdcons
2014-02-26 13:20 - 2013-01-03 16:47 - 00000327 __RSH () C:\boot.ini
2014-02-26 13:15 - 2014-02-26 13:15 - 00000000 ___RD () C:\Documents and Settings\xp\Nabídka Start\Programy\Nástroje pro správu
2014-02-26 13:15 - 2013-01-03 16:00 - 00000000 ___RD () C:\Documents and Settings\xp\Nabídka Start\Programy
2014-02-26 08:11 - 2013-01-03 16:00 - 00000000 ___RD () C:\Documents and Settings\xp\Nabídka Start\Programy\Po spuštění
2014-02-25 08:33 - 2014-02-25 08:33 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-24 23:26 - 2013-01-03 16:00 - 00000000 ___RD () C:\Documents and Settings\xp\Dokumenty
2014-02-24 10:50 - 2014-01-30 07:26 - 01241834 _____ () C:\Documents and Settings\xp\Plocha\adwcleaner (1).exe
2014-02-24 10:42 - 2013-01-03 16:48 - 01130370 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-24 09:49 - 2013-01-03 16:48 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-02-24 09:31 - 2013-01-04 14:25 - 00000000 __HDC () C:\WINDOWS\ie8
2014-02-24 09:13 - 2014-02-24 09:13 - 00000784 _____ () C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2014-02-24 09:13 - 2013-04-27 15:09 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-24 09:13 - 2013-04-27 15:09 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2014-02-24 08:49 - 2014-02-24 08:49 - 00056320 _____ () C:\Documents and Settings\xp\Plocha\Docházka 2014 unor.xlsm
2014-02-23 18:53 - 2014-02-23 18:53 - 00000000 ____D () C:\Program Files\Trend Micro
2014-02-23 18:53 - 2014-02-23 18:53 - 00000000 ____D () C:\Documents and Settings\xp\Nabídka Start\Programy\HiJackThis
2014-02-22 17:27 - 2013-04-27 09:20 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-22 17:03 - 2014-02-22 16:54 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\HitmanPro
2014-02-22 08:39 - 2013-12-11 20:39 - 17858952 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-02-22 08:39 - 2013-01-31 13:24 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-22 08:39 - 2013-01-31 13:24 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-19 08:34 - 2014-01-29 21:32 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\Daně byt dům
2014-02-19 08:33 - 2013-11-01 19:20 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\aaaaroot
2014-02-19 08:32 - 2013-07-17 07:06 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\rwe
2014-02-15 07:24 - 2013-05-12 16:31 - 00000000 ____D () C:\Program Files\The KMPlayer
2014-02-14 20:55 - 2013-01-03 16:00 - 00000000 ___RD () C:\Documents and Settings\xp\Dokumenty\Obrázky
2014-02-13 07:11 - 2013-06-29 07:35 - 00000000 ____D () C:\Program Files\Aurora
2014-02-11 21:15 - 2014-02-11 21:13 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\wainyho pokusy
2014-02-08 09:09 - 2014-02-08 09:09 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
2014-02-08 09:09 - 2013-01-03 15:59 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Local Settings\Data aplikací
2014-02-07 18:43 - 2013-03-14 22:15 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\foobar2000
2014-02-06 21:59 - 2014-02-05 22:57 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\DivX
2014-02-06 19:19 - 2014-02-06 19:19 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\DDMSettings
2014-02-05 23:01 - 2014-02-05 23:01 - 00000000 ____D () C:\Program Files\FLV Video Player
2014-02-05 22:58 - 2014-02-05 22:58 - 00001427 _____ () C:\Documents and Settings\xp\Plocha\DivX Movies.lnk
2014-02-05 22:58 - 2014-02-05 22:58 - 00000727 _____ () C:\Documents and Settings\All Users\Plocha\DivX Player.lnk
2014-02-05 22:58 - 2014-02-05 22:57 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\DivX
2014-02-05 22:58 - 2014-02-05 22:55 - 00000000 ____D () C:\Program Files\DivX
2014-02-05 22:58 - 2014-02-05 22:54 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\DivX
2014-02-05 22:58 - 2013-09-12 17:00 - 00000000 ___RD () C:\Documents and Settings\xp\Dokumenty\Filmy
2014-02-05 22:57 - 2014-02-05 22:57 - 00000792 _____ () C:\Documents and Settings\All Users\Plocha\DivX Converter.lnk
2014-02-05 22:57 - 2014-02-05 22:56 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-02-03 07:11 - 2013-01-31 18:25 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\Sitel
2014-02-02 18:10 - 2014-02-02 18:10 - 00000000 ____D () C:\Documents and Settings\All Users\Foxit Software
2014-01-31 07:54 - 2014-01-31 07:54 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\qBittorrent
2014-01-31 07:27 - 2014-01-31 07:27 - 00000000 ____D () C:\Documents and Settings\xp\Local Settings\Data aplikací\Easy BitTorrent Client
2014-01-31 07:27 - 2014-01-31 07:27 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\Easy BitTorrent Client
2014-01-31 07:26 - 2014-01-31 07:26 - 00000000 ____D () C:\Program Files\Product Support
2014-01-31 07:26 - 2014-01-31 07:26 - 00000000 ____D () C:\Program Files\Easy BitTorrent Client
2014-01-30 07:26 - 2014-01-30 07:26 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Foxit Reader
2014-01-30 07:26 - 2013-02-11 12:30 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\Foxit Software

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2008-04-14 08:00] - [2008-04-14 08:00] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\WINDOWS\system32\winlogon.exe
[2008-04-14 08:00] - [2008-04-14 08:00] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\WINDOWS\system32\svchost.exe
[2008-04-14 08:00] - [2008-04-14 08:00] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\WINDOWS\system32\services.exe
[2008-04-14 08:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\WINDOWS\system32\User32.dll
[2008-04-14 08:00] - [2008-04-14 08:00] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\WINDOWS\system32\userinit.exe
[2008-04-14 08:00] - [2008-04-14 08:00] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys
[2008-04-14 08:00] - [2008-04-14 08:00] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
  HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
  HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
  HKU\.DEFAULT\...\Run: [DWQueuedReporting] - C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434080 2011-07-27] (Microsoft Corporation)
  KU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
  HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
  HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
  
  SearchScopes: HKLM - DefaultScope value is missing.
  
  2014-03-01 23:11 - 2014-03-01 23:11 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\FRST-OlderVersion
  2014-03-01 15:30 - 2014-03-01 15:30 - 00001238 _____ () C:\Documents and Settings\xp\Plocha\VIRTPT.txt
  2014-02-28 18:44 - 2014-02-28 18:44 - 00100278 _____ () C:\Documents and Settings\xp\Plocha\OTL.Txt
  2014-02-28 18:44 - 2014-02-28 18:44 - 00039890 _____ () C:\Documents and Settings\xp\Plocha\Extras.Txt
  2014-02-28 18:35 - 2014-02-28 18:35 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\xp\Plocha\OTL.exe
  2014-02-27 23:15 - 2014-02-27 23:24 - 00008527 _____ () C:\zoek-results.log
  2014-02-27 23:15 - 2014-02-27 23:21 - 00000000 ____D () C:\zoek_backup
  2014-02-27 21:53 - 2014-02-27 21:54 - 01244192 _____ () C:\Documents and Settings\xp\Plocha\adwcleaner (2).exe
  2014-02-27 21:31 - 2014-03-01 23:11 - 01144320 _____ (Farbar) C:\Documents and Settings\xp\Plocha\FRST.exe
  2014-02-25 08:31 - 2014-02-27 21:53 - 01037734 _____ (Thisisu) C:\Documents and Settings\xp\Plocha\JRT.exe
  2014-01-30 07:26 - 2014-02-24 10:50 - 01241834 _____ () C:\Documents and Settings\xp\Plocha\adwcleaner (1).exe
  
  Hosts:
  
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

snad je to ono
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-03-2014
Ran by xp (administrator) on CX on 01-03-2014 23:11:44
Running from C:\Documents and Settings\xp\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) c:\program files\idt\wdm\stacsv.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Pandora.TV) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
(PandoraTV) C:\Program Files\PANDORA.TV\PanService\PanProcess.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Andrea Electronics Corporation) C:\WINDOWS\system32\AESTFltr.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\redirector.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
(Google Inc.) C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(ZONER software) C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\rapimgr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-09] (IDT, Inc.)
HKLM\...\Run: [AESTFltr] - C:\WINDOWS\system32\AESTFltr.exe [737280 2009-07-07] (Andrea Electronics Corporation)
HKLM\...\Run: [ConnectionCenter] - C:\Program Files\Citrix\ICA Client\redirector.exe [128960 2011-08-11] (Citrix Systems, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKU\.DEFAULT\...\Run: [DWQueuedReporting] - C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434080 2011-07-27] (Microsoft Corporation)
HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Run: [H/PC Connection Agent] - C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Run: [Google+ Auto Backup] - C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619096 2014-01-06] (Google Inc.)
HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1202660629-2147154659-1417001333-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://cag.o2.cz/vpn/index.html
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: CtxIEInterceptorBHO Class - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files\Citrix\ICA Client\IEInterceptor.dll (Citrix Systems, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome:
=======
CHR HomePage: https://www.facebook.com/login.php?login_attempt=1
CHR Extension: (LastPass: Free Password Manager) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-02-28]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\xp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]

========================== Services (Whitelisted) =================

R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182184 2013-07-16] (Oracle Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 STacSV; c:\program files\idt\wdm\stacsv.exe [229458 2010-03-09] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

R3 AESTAud; C:\WINDOWS\System32\drivers\AESTAud.sys [113664 2009-04-21] (Andrea Electronics Corporation)
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2649216 2010-10-29] (Broadcom Corporation)
S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [57536 2008-03-13] (FTDI Ltd.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1656499 2010-03-09] (IDT, Inc.)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation)
S4 IntelIde; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-01 23:11 - 2014-03-01 23:12 - 00010263 _____ () C:\Documents and Settings\xp\Plocha\FRST.txt
2014-03-01 23:11 - 2014-03-01 23:11 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\FRST-OlderVersion
2014-03-01 20:45 - 2014-03-01 20:45 - 00696390 _____ () C:\Documents and Settings\xp\Plocha\kocka.bmp
2014-03-01 15:44 - 2014-03-01 15:44 - 00000396 ____H () C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2014-03-01 15:30 - 2014-03-01 15:30 - 00001238 _____ () C:\Documents and Settings\xp\Plocha\VIRTPT.txt
2014-03-01 13:47 - 2014-03-01 13:47 - 00000000 ____D () C:\_OTL
2014-02-28 18:44 - 2014-02-28 18:44 - 00100278 _____ () C:\Documents and Settings\xp\Plocha\OTL.Txt
2014-02-28 18:44 - 2014-02-28 18:44 - 00039890 _____ () C:\Documents and Settings\xp\Plocha\Extras.Txt
2014-02-28 18:35 - 2014-02-28 18:35 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\xp\Plocha\OTL.exe
2014-02-27 23:15 - 2014-02-27 23:24 - 00008527 _____ () C:\zoek-results.log
2014-02-27 23:15 - 2014-02-27 23:21 - 00000000 ____D () C:\zoek_backup
2014-02-27 21:53 - 2014-02-27 21:54 - 01244192 _____ () C:\Documents and Settings\xp\Plocha\adwcleaner (2).exe
2014-02-27 21:32 - 2014-03-01 23:11 - 00000000 ____D () C:\FRST
2014-02-27 21:31 - 2014-03-01 23:11 - 01144320 _____ (Farbar) C:\Documents and Settings\xp\Plocha\FRST.exe
2014-02-26 22:43 - 2014-02-26 22:43 - 00000000 ____D () C:\Documents and Settings\xp\Local Settings\Data aplikací\Skype
2014-02-26 22:42 - 2014-02-26 22:42 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-26 22:42 - 2014-02-26 22:42 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
2014-02-26 20:43 - 2014-02-26 20:43 - 00000512 _____ () C:\Documents and Settings\xp\Plocha\MBR.dat
2014-02-26 20:31 - 2014-02-26 20:31 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-02-26 13:26 - 2014-03-01 15:38 - 00154449 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-26 13:20 - 2013-01-03 15:51 - 00000211 _____ () C:\Boot.bak
2014-02-26 13:20 - 2004-08-03 23:00 - 00261312 __RSH () C:\cmldr
2014-02-26 13:19 - 2014-02-26 13:20 - 00000000 _RSHD () C:\cmdcons
2014-02-26 13:15 - 2014-02-27 20:26 - 00000000 ____D () C:\WINDOWS\erdnt
2014-02-26 13:15 - 2014-02-26 13:15 - 00000000 ___RD () C:\Documents and Settings\xp\Nabídka Start\Programy\Nástroje pro správu
2014-02-25 08:33 - 2014-02-25 08:33 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-25 08:31 - 2014-02-27 21:53 - 01037734 _____ (Thisisu) C:\Documents and Settings\xp\Plocha\JRT.exe
2014-02-24 09:13 - 2014-02-24 09:13 - 00000784 _____ () C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2014-02-24 08:49 - 2014-02-24 08:49 - 00056320 _____ () C:\Documents and Settings\xp\Plocha\Docházka 2014 unor.xlsm
2014-02-23 18:53 - 2014-02-26 20:44 - 00002435 _____ () C:\Documents and Settings\xp\Plocha\HiJackThis.lnk
2014-02-23 18:53 - 2014-02-23 18:53 - 00000000 ____D () C:\Program Files\Trend Micro
2014-02-23 18:53 - 2014-02-23 18:53 - 00000000 ____D () C:\Documents and Settings\xp\Nabídka Start\Programy\HiJackThis
2014-02-22 16:54 - 2014-02-22 17:03 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\HitmanPro
2014-02-11 21:13 - 2014-02-11 21:15 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\wainyho pokusy
2014-02-08 09:09 - 2014-02-08 09:09 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
2014-02-06 19:19 - 2014-02-06 19:19 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\DDMSettings
2014-02-05 23:01 - 2014-02-05 23:01 - 00000000 ____D () C:\Program Files\FLV Video Player
2014-02-05 22:58 - 2014-02-05 22:58 - 00001427 _____ () C:\Documents and Settings\xp\Plocha\DivX Movies.lnk
2014-02-05 22:58 - 2014-02-05 22:58 - 00000727 _____ () C:\Documents and Settings\All Users\Plocha\DivX Player.lnk
2014-02-05 22:57 - 2014-02-06 21:59 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\DivX
2014-02-05 22:57 - 2014-02-05 22:58 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\DivX
2014-02-05 22:57 - 2014-02-05 22:57 - 00000792 _____ () C:\Documents and Settings\All Users\Plocha\DivX Converter.lnk
2014-02-05 22:56 - 2014-02-05 22:57 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-02-05 22:55 - 2014-02-05 22:58 - 00000000 ____D () C:\Program Files\DivX
2014-02-05 22:54 - 2014-02-05 22:58 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\DivX
2014-02-02 18:10 - 2014-02-02 18:10 - 00000000 ____D () C:\Documents and Settings\All Users\Foxit Software
2014-01-31 07:54 - 2014-01-31 07:54 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\qBittorrent
2014-01-31 07:27 - 2014-01-31 07:27 - 00000000 ____D () C:\Documents and Settings\xp\Local Settings\Data aplikací\Easy BitTorrent Client
2014-01-31 07:27 - 2014-01-31 07:27 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\Easy BitTorrent Client
2014-01-31 07:26 - 2014-01-31 07:26 - 00000000 ____D () C:\Program Files\Product Support
2014-01-31 07:26 - 2014-01-31 07:26 - 00000000 ____D () C:\Program Files\Easy BitTorrent Client
2014-01-30 07:26 - 2014-02-24 10:50 - 01241834 _____ () C:\Documents and Settings\xp\Plocha\adwcleaner (1).exe
2014-01-30 07:26 - 2014-01-30 07:26 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Foxit Reader

==================== One Month Modified Files and Folders =======

2014-03-01 23:12 - 2014-03-01 23:11 - 00010263 _____ () C:\Documents and Settings\xp\Plocha\FRST.txt
2014-03-01 23:11 - 2014-03-01 23:11 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\FRST-OlderVersion
2014-03-01 23:11 - 2014-02-27 21:32 - 00000000 ____D () C:\FRST
2014-03-01 23:11 - 2014-02-27 21:31 - 01144320 _____ (Farbar) C:\Documents and Settings\xp\Plocha\FRST.exe
2014-03-01 23:11 - 2013-01-03 16:00 - 00000000 ____D () C:\Documents and Settings\xp\Plocha
2014-03-01 22:39 - 2013-01-31 18:41 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\Hokejove listiny
2014-03-01 22:35 - 2013-05-18 22:07 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\Skype
2014-03-01 20:45 - 2014-03-01 20:45 - 00696390 _____ () C:\Documents and Settings\xp\Plocha\kocka.bmp
2014-03-01 15:44 - 2014-03-01 15:44 - 00000396 ____H () C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2014-03-01 15:38 - 2014-02-26 13:26 - 00154449 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-01 15:35 - 2013-12-24 08:45 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-01 15:35 - 2013-12-24 08:44 - 00000000 _____ () C:\WINDOWS\wiaservc.log
2014-03-01 15:34 - 2013-01-03 15:59 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-01 15:33 - 2013-01-03 16:00 - 00000178 ___SH () C:\Documents and Settings\xp\ntuser.ini
2014-03-01 15:33 - 2013-01-03 15:59 - 00032562 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-01 15:30 - 2014-03-01 15:30 - 00001238 _____ () C:\Documents and Settings\xp\Plocha\VIRTPT.txt
2014-03-01 13:47 - 2014-03-01 13:47 - 00000000 ____D () C:\_OTL
2014-02-28 18:44 - 2014-02-28 18:44 - 00100278 _____ () C:\Documents and Settings\xp\Plocha\OTL.Txt
2014-02-28 18:44 - 2014-02-28 18:44 - 00039890 _____ () C:\Documents and Settings\xp\Plocha\Extras.Txt
2014-02-28 18:35 - 2014-02-28 18:35 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\xp\Plocha\OTL.exe
2014-02-27 23:24 - 2014-02-27 23:15 - 00008527 _____ () C:\zoek-results.log
2014-02-27 23:21 - 2014-02-27 23:15 - 00000000 ____D () C:\zoek_backup
2014-02-27 23:21 - 2013-03-10 07:55 - 00000000 ____D () C:\Program Files\Wise
2014-02-27 23:21 - 2013-01-03 16:48 - 00000000 ___RD () C:\Documents and Settings\All Users\Data aplikací
2014-02-27 23:21 - 2013-01-03 16:00 - 00000000 ___RD () C:\Documents and Settings\xp\Data aplikací
2014-02-27 23:21 - 2013-01-03 16:00 - 00000000 ___HD () C:\Documents and Settings\xp\Local Settings\Data aplikací
2014-02-27 23:21 - 2013-01-03 16:00 - 00000000 ____D () C:\Documents and Settings\xp
2014-02-27 22:05 - 2013-10-26 10:29 - 00000000 ____D () C:\AdwCleaner
2014-02-27 21:54 - 2014-02-27 21:53 - 01244192 _____ () C:\Documents and Settings\xp\Plocha\adwcleaner (2).exe
2014-02-27 21:53 - 2014-02-25 08:31 - 01037734 _____ (Thisisu) C:\Documents and Settings\xp\Plocha\JRT.exe
2014-02-27 21:05 - 2013-01-04 13:56 - 00068376 _____ () C:\Documents and Settings\xp\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2014-02-27 21:05 - 2013-01-03 16:47 - 00270984 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-27 20:57 - 2013-01-03 15:54 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-02-27 20:55 - 2013-05-18 19:36 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-02-27 20:55 - 2013-05-18 19:36 - 00065536 _____ () C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
2014-02-27 20:55 - 2013-01-31 17:23 - 00065536 _____ () C:\WINDOWS\system32\config\ODiag.evt
2014-02-27 20:55 - 2013-01-04 14:25 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2014-02-27 20:26 - 2014-02-26 13:15 - 00000000 ____D () C:\WINDOWS\erdnt
2014-02-26 22:43 - 2014-02-26 22:43 - 00000000 ____D () C:\Documents and Settings\xp\Local Settings\Data aplikací\Skype
2014-02-26 22:42 - 2014-02-26 22:42 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-26 22:42 - 2014-02-26 22:42 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
2014-02-26 22:42 - 2013-12-18 21:05 - 00000000 ___RD () C:\Program Files\Skype
2014-02-26 22:42 - 2013-01-31 13:26 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Skype
2014-02-26 22:42 - 2013-01-03 16:48 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-02-26 20:44 - 2014-02-23 18:53 - 00002435 _____ () C:\Documents and Settings\xp\Plocha\HiJackThis.lnk
2014-02-26 20:43 - 2014-02-26 20:43 - 00000512 _____ () C:\Documents and Settings\xp\Plocha\MBR.dat
2014-02-26 20:33 - 2008-04-14 08:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-02-26 20:32 - 2013-01-03 16:47 - 28573696 _____ () C:\WINDOWS\system32\config\software.bak
2014-02-26 20:32 - 2013-01-03 16:47 - 04718592 _____ () C:\WINDOWS\system32\config\system.bak
2014-02-26 20:32 - 2013-01-03 16:47 - 00524288 _____ () C:\WINDOWS\system32\config\default.bak
2014-02-26 20:32 - 2013-01-03 16:47 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-02-26 20:32 - 2013-01-03 16:47 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-02-26 20:31 - 2014-02-26 20:31 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-02-26 20:31 - 2014-02-26 20:31 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-02-26 13:31 - 2013-01-03 15:59 - 00000000 ___SD () C:\Documents and Settings\LocalService
2014-02-26 13:20 - 2014-02-26 13:19 - 00000000 _RSHD () C:\cmdcons
2014-02-26 13:20 - 2013-01-03 16:47 - 00000327 __RSH () C:\boot.ini
2014-02-26 13:15 - 2014-02-26 13:15 - 00000000 ___RD () C:\Documents and Settings\xp\Nabídka Start\Programy\Nástroje pro správu
2014-02-26 13:15 - 2013-01-03 16:00 - 00000000 ___RD () C:\Documents and Settings\xp\Nabídka Start\Programy
2014-02-26 08:11 - 2013-01-03 16:00 - 00000000 ___RD () C:\Documents and Settings\xp\Nabídka Start\Programy\Po spuštění
2014-02-25 08:33 - 2014-02-25 08:33 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-24 23:26 - 2013-01-03 16:00 - 00000000 ___RD () C:\Documents and Settings\xp\Dokumenty
2014-02-24 10:50 - 2014-01-30 07:26 - 01241834 _____ () C:\Documents and Settings\xp\Plocha\adwcleaner (1).exe
2014-02-24 10:42 - 2013-01-03 16:48 - 01130370 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-24 09:49 - 2013-01-03 16:48 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-02-24 09:31 - 2013-01-04 14:25 - 00000000 __HDC () C:\WINDOWS\ie8
2014-02-24 09:13 - 2014-02-24 09:13 - 00000784 _____ () C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2014-02-24 09:13 - 2013-04-27 15:09 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-24 09:13 - 2013-04-27 15:09 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2014-02-24 08:49 - 2014-02-24 08:49 - 00056320 _____ () C:\Documents and Settings\xp\Plocha\Docházka 2014 unor.xlsm
2014-02-23 18:53 - 2014-02-23 18:53 - 00000000 ____D () C:\Program Files\Trend Micro
2014-02-23 18:53 - 2014-02-23 18:53 - 00000000 ____D () C:\Documents and Settings\xp\Nabídka Start\Programy\HiJackThis
2014-02-22 17:27 - 2013-04-27 09:20 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-22 17:03 - 2014-02-22 16:54 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\HitmanPro
2014-02-22 08:39 - 2013-12-11 20:39 - 17858952 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-02-22 08:39 - 2013-01-31 13:24 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-22 08:39 - 2013-01-31 13:24 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-19 08:34 - 2014-01-29 21:32 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\Daně byt dům
2014-02-19 08:33 - 2013-11-01 19:20 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\aaaaroot
2014-02-19 08:32 - 2013-07-17 07:06 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\rwe
2014-02-15 07:24 - 2013-05-12 16:31 - 00000000 ____D () C:\Program Files\The KMPlayer
2014-02-14 20:55 - 2013-01-03 16:00 - 00000000 ___RD () C:\Documents and Settings\xp\Dokumenty\Obrázky
2014-02-13 07:11 - 2013-06-29 07:35 - 00000000 ____D () C:\Program Files\Aurora
2014-02-11 21:15 - 2014-02-11 21:13 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\wainyho pokusy
2014-02-08 09:09 - 2014-02-08 09:09 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
2014-02-08 09:09 - 2013-01-03 15:59 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Local Settings\Data aplikací
2014-02-07 18:43 - 2013-03-14 22:15 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\foobar2000
2014-02-06 21:59 - 2014-02-05 22:57 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\DivX
2014-02-06 19:19 - 2014-02-06 19:19 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\DDMSettings
2014-02-05 23:01 - 2014-02-05 23:01 - 00000000 ____D () C:\Program Files\FLV Video Player
2014-02-05 22:58 - 2014-02-05 22:58 - 00001427 _____ () C:\Documents and Settings\xp\Plocha\DivX Movies.lnk
2014-02-05 22:58 - 2014-02-05 22:58 - 00000727 _____ () C:\Documents and Settings\All Users\Plocha\DivX Player.lnk
2014-02-05 22:58 - 2014-02-05 22:57 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\DivX
2014-02-05 22:58 - 2014-02-05 22:55 - 00000000 ____D () C:\Program Files\DivX
2014-02-05 22:58 - 2014-02-05 22:54 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\DivX
2014-02-05 22:58 - 2013-09-12 17:00 - 00000000 ___RD () C:\Documents and Settings\xp\Dokumenty\Filmy
2014-02-05 22:57 - 2014-02-05 22:57 - 00000792 _____ () C:\Documents and Settings\All Users\Plocha\DivX Converter.lnk
2014-02-05 22:57 - 2014-02-05 22:56 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-02-03 07:11 - 2013-01-31 18:25 - 00000000 ____D () C:\Documents and Settings\xp\Plocha\Sitel
2014-02-02 18:10 - 2014-02-02 18:10 - 00000000 ____D () C:\Documents and Settings\All Users\Foxit Software
2014-01-31 07:54 - 2014-01-31 07:54 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\qBittorrent
2014-01-31 07:27 - 2014-01-31 07:27 - 00000000 ____D () C:\Documents and Settings\xp\Local Settings\Data aplikací\Easy BitTorrent Client
2014-01-31 07:27 - 2014-01-31 07:27 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\Easy BitTorrent Client
2014-01-31 07:26 - 2014-01-31 07:26 - 00000000 ____D () C:\Program Files\Product Support
2014-01-31 07:26 - 2014-01-31 07:26 - 00000000 ____D () C:\Program Files\Easy BitTorrent Client
2014-01-30 07:26 - 2014-01-30 07:26 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Foxit Reader
2014-01-30 07:26 - 2013-02-11 12:30 - 00000000 ____D () C:\Documents and Settings\xp\Data aplikací\Foxit Software

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2008-04-14 08:00] - [2008-04-14 08:00] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\WINDOWS\system32\winlogon.exe
[2008-04-14 08:00] - [2008-04-14 08:00] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\WINDOWS\system32\svchost.exe
[2008-04-14 08:00] - [2008-04-14 08:00] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\WINDOWS\system32\services.exe
[2008-04-14 08:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\WINDOWS\system32\User32.dll
[2008-04-14 08:00] - [2008-04-14 08:00] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\WINDOWS\system32\userinit.exe
[2008-04-14 08:00] - [2008-04-14 08:00] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys
[2008-04-14 08:00] - [2008-04-14 08:00] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================

No neni, dal jste znovu scan a ne Fix