
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Can someone help me?
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Can someone help me?
My PC is reporting an error with some driver, and e-mails have started being sent out from me and I'm getting e-mail non-delivery notices.
- Rudy
- Site Admin
- Posts: 119536
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Can someone help me?
Hello!
Try this procedure: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Can someone help me?
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 27 days old and could be outdated)
Ran by Hondzik (administrator) on HONDZIK-PC on 09-04-2014 10:48:15
Running from C:\Users\Hondzik\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(ICQ, LLC.) C:\Program Files (x86)\ICQ7M\ICQ.exe
(forum.viry.cz) C:\Users\Hondzik\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5199984 2011-06-20] (VIA)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Privatefirewall] - C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\PFGUI.exe [3048480 2013-12-17] (Privacyware/PWI, Inc.)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-10-04] (Microsoft Corporation)
HKU\S-1-5-21-3085194815-1020300490-4046752758-1000\...\Run: [AIMP3] - C:\Program Files (x86)\AIMP3\AIMP3.exe [1701832 2013-11-04] (AIMP DevTeam)
HKU\S-1-5-21-3085194815-1020300490-4046752758-1000\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
HKU\S-1-5-21-3085194815-1020300490-4046752758-1000\...\MountPoints2: {77bda6c4-73e1-11e3-b104-bc5ff4813621} - E:\Startme.exe
HKU\S-1-5-21-3085194815-1020300490-4046752758-1000\...\MountPoints2: {77bda6ec-73e1-11e3-b104-bc5ff4813621} - F:\AutoRun.exe
HKU\S-1-5-21-3085194815-1020300490-4046752758-1000\...\MountPoints2: {7a418874-504f-11e3-8a3d-bc5ff4813621} - E:\AutoRun.exe
HKU\S-1-5-21-3085194815-1020300490-4046752758-1000\...\MountPoints2: {8a74bc6e-699b-11e3-af05-bc5ff4813621} - F:\AutoRun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ru.redirect.wrapper.services.alawar.ru/startpage.php?lang=cs&wspv=3.0&locale=cs&pid=10202
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {5347542D-5637-006A-76A7-7A786E7484D7} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 94.127.128.130 94.127.129.2
FireFox:
========
FF ProfilePath: C:\Users\Hondzik\AppData\Roaming\Mozilla\Firefox\Profiles\pqxrm19p.default-1390910878329
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\Hondzik\AppData\Roaming\Mozilla\Firefox\Profiles\pqxrm19p.default-1390910878329\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-01-29]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (YoutubeAdblocker) - C:\Users\Hondzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\anolnnnemcgijmcclcnonmkigafmnnhp [2014-01-11]
CHR Extension: (YTBBooKMark) - C:\Users\Hondzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apnajgjdfdakaonckjlbnldpncchgnkh [2014-01-11]
CHR Extension: (greatsaveir) - C:\Users\Hondzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\benldiilgebhehebekhdkdckmiecaahc [2014-01-11]
CHR Extension: (Save Me) - C:\Users\Hondzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi [2014-01-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [266240 2007-01-15] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PFNet; C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\pfsvc.exe [374600 2013-12-17] (Privacyware/PWI, Inc.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-06-14] (VIA Technologies, Inc.)
S2 Crypkey License; crypserv.exe [X]
==================== Drivers (Whitelisted) ====================
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2014-03-30] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2014-03-30] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S4 speedfan; C:\Windows\SysWow64\speedfan.sys [5120 2005-06-15] (Windows (R) Server 2003 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2013-10-01] (Duplex Secure Ltd.)
U3 ah6xhcmw; C:\Windows\System32\Drivers\ah6xhcmw.sys [0 ] (NVIDIA Corporation)
S3 AsrCDDrv; \??\C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [X]
S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EverestDriver; \??\C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [X]
S1 NetworkX; \SystemRoot\system32\ckldrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-09 10:48 - 2014-04-09 10:48 - 00012520 _____ () C:\Users\Hondzik\Desktop\FRST.txt
2014-04-09 10:47 - 2014-04-09 10:48 - 00000000 ____D () C:\FRST
2014-04-09 10:46 - 2014-04-09 10:46 - 02157056 _____ (Farbar) C:\Users\Hondzik\Desktop\FRST64.exe
2014-04-09 10:46 - 2014-04-09 10:46 - 00112640 _____ (forum.viry.cz) C:\Users\Hondzik\Desktop\FRSTLauncher.exe
2014-04-07 21:00 - 2014-04-07 21:00 - 00000000 ____D () C:\Users\Hondzik\AppData\Roaming\Farm Mania 2
2014-04-07 20:58 - 2014-04-07 20:59 - 00000000 ____D () C:\ProgramData\Youdagames
2014-04-07 20:58 - 2014-04-07 20:58 - 00000000 ____D () C:\Program Files (x86)\Youdagames
2014-04-05 19:20 - 2014-04-05 19:20 - 00000000 ____D () C:\Users\Hondzik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-04-05 18:02 - 2009-03-18 17:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2014-04-05 17:54 - 2014-04-05 17:54 - 00002196 _____ () C:\Users\Public\Desktop\EFLC.lnk
2014-04-05 12:57 - 2014-04-05 12:57 - 00000000 ____D () C:\Program Files (x86)\Black_Box
2014-04-05 12:56 - 2010-08-03 11:11 - 00819200 ___SH () C:\Windows\SysWOW64\xvidcore.dll
2014-04-05 12:56 - 2010-08-03 11:11 - 00180224 ___SH () C:\Windows\SysWOW64\xvidvfw.dll
2014-04-01 05:04 - 2014-04-01 05:04 - 00000000 ____D () C:\Users\Hondzik\AppData\Roaming\Malwarebytes
2014-04-01 05:04 - 2014-04-01 05:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-01 05:04 - 2010-04-29 12:19 - 00024664 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-30 11:26 - 2014-03-30 11:29 - 00310984 _____ () C:\Windows\system32\Drivers\atksgt.sys
2014-03-30 11:26 - 2014-03-30 11:26 - 00042696 _____ () C:\Windows\system32\Drivers\lirsgt.sys
2014-03-24 15:18 - 2014-03-24 15:33 - 00000000 ____D () C:\Users\Public\StarStableOnline
2014-03-21 23:47 - 2014-04-09 10:43 - 00000000 ____D () C:\Users\Hondzik\Desktop\mp3 auto + new hop
2014-03-14 12:25 - 2014-03-29 09:38 - 00000849 _____ () C:\Users\Hondzik\Desktop\Emergency 4.lnk
2014-03-14 12:19 - 2014-04-03 15:33 - 00000000 ____D () C:\Program Files\Emergency 4
2014-03-12 12:52 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 12:52 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 12:52 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 12:52 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 12:52 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 12:52 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 12:52 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 12:52 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 12:52 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 12:52 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 12:52 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 12:52 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 12:52 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 12:52 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 12:52 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 12:52 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 12:52 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 12:52 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 12:52 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 12:52 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 12:52 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 12:52 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 12:52 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 12:52 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 12:52 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 12:52 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 12:52 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 12:52 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 12:52 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 12:52 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 12:52 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 12:52 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 12:52 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 12:52 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 12:52 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 12:52 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 12:52 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 12:52 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 12:52 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 12:52 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 12:52 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 12:52 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 12:52 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 12:52 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 12:50 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 12:50 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 12:50 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 12:50 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
==================== One Month Modified Files and Folders =======
2014-04-09 10:48 - 2014-04-09 10:48 - 00012520 _____ () C:\Users\Hondzik\Desktop\FRST.txt
2014-04-09 10:48 - 2014-04-09 10:47 - 00000000 ____D () C:\FRST
2014-04-09 10:46 - 2014-04-09 10:46 - 02157056 _____ (Farbar) C:\Users\Hondzik\Desktop\FRST64.exe
2014-04-09 10:46 - 2014-04-09 10:46 - 00112640 _____ (forum.viry.cz) C:\Users\Hondzik\Desktop\FRSTLauncher.exe
2014-04-09 10:44 - 2013-10-01 13:44 - 00000000 ____D () C:\Users\Hondzik\AppData\Roaming\AIMP3
2014-04-09 10:43 - 2014-03-21 23:47 - 00000000 ____D () C:\Users\Hondzik\Desktop\mp3 auto + new hop
2014-04-09 10:43 - 2013-10-26 16:01 - 00000000 ____D () C:\hry
2014-04-09 10:40 - 2013-10-01 13:47 - 00000000 ____D () C:\Users\Hondzik\AppData\Roaming\ICQ
2014-04-09 10:10 - 2013-10-01 13:21 - 01621525 _____ () C:\Windows\WindowsUpdate.log
2014-04-09 10:09 - 2009-07-14 06:45 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-09 10:09 - 2009-07-14 06:45 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-09 10:06 - 2013-10-01 14:01 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-09 10:01 - 2013-10-06 12:41 - 00065284 _____ () C:\Windows\setupact.log
2014-04-09 10:01 - 2013-10-01 13:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-09 10:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-08 16:45 - 2013-03-13 20:25 - 00000000 ____D () C:\Users\Hondzik\Documents\Rockstar Games
2014-04-08 09:14 - 2013-10-01 15:51 - 00002893 _____ () C:\Users\Hondzik\Documents\ax_files.xml
2014-04-07 21:00 - 2014-04-07 21:00 - 00000000 ____D () C:\Users\Hondzik\AppData\Roaming\Farm Mania 2
2014-04-07 20:59 - 2014-04-07 20:58 - 00000000 ____D () C:\ProgramData\Youdagames
2014-04-07 20:58 - 2014-04-07 20:58 - 00000000 ____D () C:\Program Files (x86)\Youdagames
2014-04-06 15:16 - 2009-07-14 17:18 - 00672158 _____ () C:\Windows\system32\perfh005.dat
2014-04-06 15:16 - 2009-07-14 17:18 - 00142754 _____ () C:\Windows\system32\perfc005.dat
2014-04-06 15:16 - 2009-07-14 07:13 - 01593238 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-05 19:20 - 2014-04-05 19:20 - 00000000 ____D () C:\Users\Hondzik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-04-05 17:54 - 2014-04-05 17:54 - 00002196 _____ () C:\Users\Public\Desktop\EFLC.lnk
2014-04-05 17:54 - 2013-10-01 17:28 - 00002306 _____ () C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
2014-04-05 12:57 - 2014-04-05 12:57 - 00000000 ____D () C:\Program Files (x86)\Black_Box
2014-04-05 12:57 - 2014-03-04 00:12 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-04-05 12:57 - 2014-03-04 00:12 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-04-04 10:01 - 2013-12-07 16:50 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-04-03 15:33 - 2014-03-14 12:19 - 00000000 ____D () C:\Program Files\Emergency 4
2014-04-03 09:56 - 2013-11-04 10:25 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-04-03 09:55 - 2013-10-01 13:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-01 05:04 - 2014-04-01 05:04 - 00000000 ____D () C:\Users\Hondzik\AppData\Roaming\Malwarebytes
2014-04-01 05:04 - 2014-04-01 05:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-31 00:29 - 2013-10-13 10:31 - 00000000 ____D () C:\Users\Hondzik\AppData\Local\Deployment
2014-03-30 11:29 - 2014-03-30 11:26 - 00310984 _____ () C:\Windows\system32\Drivers\atksgt.sys
2014-03-30 11:29 - 2013-10-13 20:43 - 00193895 _____ () C:\Windows\DirectX.log
2014-03-30 11:26 - 2014-03-30 11:26 - 00042696 _____ () C:\Windows\system32\Drivers\lirsgt.sys
2014-03-29 09:38 - 2014-03-14 12:25 - 00000849 _____ () C:\Users\Hondzik\Desktop\Emergency 4.lnk
2014-03-24 15:33 - 2014-03-24 15:18 - 00000000 ____D () C:\Users\Public\StarStableOnline
2014-03-22 02:31 - 2013-11-04 13:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-22 02:29 - 2013-11-04 13:59 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-20 16:09 - 2013-10-01 13:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-19 16:46 - 2014-02-14 23:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-13 10:43 - 2009-07-14 06:45 - 05241000 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-11 22:06 - 2013-10-01 14:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 22:06 - 2013-10-01 14:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-11 22:06 - 2013-10-01 14:01 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
Some content of TEMP:
====================
C:\Users\Hondzik\AppData\Local\Temp\1_Offer_2.exe
C:\Users\Hondzik\AppData\Local\Temp\1_Offer_3.exe
C:\Users\Hondzik\AppData\Local\Temp\1_Offer_4.exe
C:\Users\Hondzik\AppData\Local\Temp\AskPIP_FF_.exe
C:\Users\Hondzik\AppData\Local\Temp\AskSLib.dll
C:\Users\Hondzik\AppData\Local\Temp\avgnt.exe
C:\Users\Hondzik\AppData\Local\Temp\bitool.dll
C:\Users\Hondzik\AppData\Local\Temp\BrowserInfo.exe
C:\Users\Hondzik\AppData\Local\Temp\CH.dll
C:\Users\Hondzik\AppData\Local\Temp\Copy.dll
C:\Users\Hondzik\AppData\Local\Temp\DownloadManager.exe
C:\Users\Hondzik\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Hondzik\AppData\Local\Temp\drm_dyndata_7370007.dll
C:\Users\Hondzik\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Hondzik\AppData\Local\Temp\i4jdel0.exe
C:\Users\Hondzik\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih.exe
C:\Users\Hondzik\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Hondzik\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\Hondzik\AppData\Local\Temp\Mobogenie_Setup_2-1-35_517.exe
C:\Users\Hondzik\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Hondzik\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Hondzik\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Hondzik\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Hondzik\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Hondzik\AppData\Local\Temp\nvStInst.exe
C:\Users\Hondzik\AppData\Local\Temp\ose00000.exe
C:\Users\Hondzik\AppData\Local\Temp\sfextra.dll
C:\Users\Hondzik\AppData\Local\Temp\Tsu85C82D8B.dll
C:\Users\Hondzik\AppData\Local\Temp\ubi7A60.tmp.exe
C:\Users\Hondzik\AppData\Local\Temp\ubi95C6.tmp.exe
C:\Users\Hondzik\AppData\Local\Temp\YTDSETUP.EXE
C:\Users\Hondzik\AppData\Local\Temp\_isC9C4.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-30 03:53
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (NOD) (Fixed) (Total:270.35 GB) (Free:48.68 GB) NTFS
Drive d: (WORK) (Fixed) (Total:195.31 GB) (Free:30.16 GB) NTFS
Drive e: (PROG) (Removable) (Total:7.45 GB) (Free:2.55 GB) FAT32
Available physical RAM: 5866.87 MB
Total physical RAM: 8175.24 MB
Percentage of memory in use: 28%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 550D5820)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=270 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195 GB) - (Type=07 NTFS)
Disk: 5 (Size: 7 GB) (Disk ID: 005C9F8A)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:B3D74A13
==================== Security Center ==================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Privatefirewall (Enabled) {16337F50-A853-219F-6DEC-E7BDA0A7E8E7}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Hondzik\Desktop" je 449 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Rudy
- Site Admin
- Posts: 119536
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Can someone help me?
What is the situation with the legality of your operating system?
Re: Can someone help me?
Well, I got it from a friend and it never asked me for anything... so I don't know.
- Rudy
- Site Admin
- Posts: 119536
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Can someone help me?
If you have it as a copy from a friend, it is not legal. Legality is certified by the COA sticker affixed to the PC case.
Re: Can someone help me?
I don't have that. Does that mean you won't help me?
- Rudy
- Site Admin
- Posts: 119536
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Can someone help me?
Hondzzikk wrote: I don't have that. Does that mean you won't help me?
Exactly. See the rules: http://forum.viry.cz/viewtopic.php?f=12&t=115512 .