Avast that won't stop alerting
Posted: 24 Jul 2014 07:57
Hello,
Please help me solve a problem: about two days ago, Avast reportedly started raising alerts about a detected virus at roughly five-minute intervals. I don't know exactly when it started or what actions preceded it; this is not my computer.
Addition: FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-07-2014
Ran by Svorcova (administrator) on NB030022 on 24-07-2014 08:45:48
Running from C:\Documents and Settings\Svorcova\Plocha
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 6
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(SafeBoot International) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accoca.exe
(Agere Systems) C:\WINDOWS\system32\agrsmsvc.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(E-MU Systems) C:\WINDOWS\system32\emaudsv.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqtgsvc.exe
(Bioscrypt Inc.) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(forum.viry.cz) C:\Documents and Settings\Svorcova\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
Winlogon\Notify\ackpbsc: c:\WINDOWS\system32\ackpbsc.dll (ActivIdentity)
Winlogon\Notify\acunlock: c:\Program Files\ActivIdentity\ActivClient\acunlock.dll (ActivIdentity)
Winlogon\Notify\OneCard: c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Bioscrypt Inc.)
HKU\S-1-5-21-2560769980-3457516315-1502140107-1006\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG)
HKU\S-1-5-21-2560769980-3457516315-1502140107-1006\...\Run: [KiesPDLR] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843208 2012-11-14] (Samsung)
HKU\S-1-5-21-2560769980-3457516315-1502140107-1006\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843208 2012-11-14] (Samsung)
HKU\S-1-5-21-2560769980-3457516315-1502140107-1006\...\Run: [GarenaPlus] => "G:\Garena Plus\GarenaMessenger.exe" -autolaunch
HKU\S-1-5-21-2560769980-3457516315-1502140107-1006\...\MountPoints2: {7e674f08-09ff-11e0-994d-18a905d17acd} - G:\TranscendService(JF).exe
HKU\S-1-5-21-2560769980-3457516315-1502140107-1006\...\MountPoints2: {beccff60-2563-11df-9802-0027134c04ce} - setupSNK.exe
AppInit_DLLs: APSHook.dll => C:\WINDOWS\system32\APSHook.dll [81680 2008-05-21] (Bioscrypt Inc.)
Lsa: [Notification Packages] scecli ASWLNPkg
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=101916&l=dis
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
URLSearchHook: HKCU - QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Svorcova\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
SearchScopes: HKLM - DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL =
SearchScopes: HKLM - {1A67A698-8C89-455E-AA5C-FE62920D0B9E} URL = http://slirsredirect.search.aol.com/sli ... bie7-cs-cz
SearchScopes: HKCU - DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/search?query={searchTerms}&from=IE
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?clien ... s}&locale=
SearchScopes: HKCU - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/search?query={searchTerms}&from=IE
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: QIPBHO Class -> {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} -> C:\Documents and Settings\Svorcova\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Credential Manager for HP ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9769D2DC-1ED4-4CA4-A75D-216A639ECDDC}: [NameServer]212.158.128.2,212.158.128.3
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Svorcova\Data aplikací\Mozilla\Firefox\Profiles\7z6663v8.default
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.cz/
FF Keyword.URL: hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=69e544e30000000000000026823b5cdf&tlver=1.4.35.10&affID=100489
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX OVS Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\Svorcova\Data aplikací\Mozilla\Firefox\Profiles\7z6663v8.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Documents and Settings\Svorcova\Data aplikací\Mozilla\Firefox\Profiles\7z6663v8.default\searchplugins\qipsearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Wikipedia Toolbar - C:\Documents and Settings\Svorcova\Data aplikací\Mozilla\Firefox\Profiles\7z6663v8.default\Extensions\wikipediatoolbar@wikipedia.org [2010-02-28]
FF Extension: Garmin Communicator - C:\Documents and Settings\Svorcova\Data aplikací\Mozilla\Firefox\Profiles\7z6663v8.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-19]
FF Extension: Download Statusbar - C:\Documents and Settings\Svorcova\Data aplikací\Mozilla\Firefox\Profiles\7z6663v8.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2011-10-29]
FF Extension: Flagfox - C:\Documents and Settings\Svorcova\Data aplikací\Mozilla\Firefox\Profiles\7z6663v8.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: FlashGot - C:\Documents and Settings\Svorcova\Data aplikací\Mozilla\Firefox\Profiles\7z6663v8.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2012-02-21]
FF Extension: Adblock Plus - C:\Documents and Settings\Svorcova\Data aplikací\Mozilla\Firefox\Profiles\7z6663v8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-06-29]
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-06-18]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2014-06-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-02-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-04-25]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 accoca; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [182576 2007-05-15] (ActivIdentity)
R2 ASBroker; c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [111888 2008-05-21] (Bioscrypt Inc.)
R2 ASChannel; c:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll [137488 2008-05-21] (Bioscrypt Inc.)
R2 ATService; c:\Program Files\Fingerprint Sensor\AtService.exe [1168632 2008-05-09] (AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-04] (AVAST Software)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R2 emaudsv; C:\WINDOWS\system32\emaudsv.exe [20992 2007-11-26] (E-MU Systems) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-02-14] (Macrovision Europe Ltd.) [File not signed]
R2 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [34184 2008-05-14] (Hewlett-Packard Development Company, L.P)
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256512 2008-05-13] (SafeBoot International)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-29] (Oracle Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 MSMQ; C:\WINDOWS\system32\mqsvc.exe [4608 2009-06-22] (Microsoft Corporation) [File not signed]
R2 MSMQTriggers; C:\WINDOWS\system32\mqtgsvc.exe [117248 2009-06-22] (Microsoft Corporation) [File not signed]
S3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
R2 VmbService; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [8704 2013-03-25] (Vodafone) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-07-04] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-07-04] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-07-04] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-07-04] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-07-04] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-07-06] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-07-04] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-07-04] ()
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [1287552 2008-03-21] (Broadcom Corporation)
R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [539512 2008-04-03] (Broadcom Corporation.)
S3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [37424 2008-04-03] (Broadcom Corporation.)
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [879624 2008-04-03] (Broadcom Corporation.)
R3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [156392 2008-04-03] (Broadcom Corporation.)
R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [74688 2008-04-03] (Broadcom Corporation.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 emusba10; C:\WINDOWS\System32\DRIVERS\emusba10.sys [163352 2007-11-26] (E-MU Systems)
S3 grmnusb; C:\WINDOWS\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [25280 2010-02-12] (LogMeIn, Inc.)
R3 IFXTPM; C:\WINDOWS\System32\DRIVERS\IFXTPM.SYS [41216 2007-04-04] (Infineon Technologies AG)
S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [94336 2010-07-30] (ITE )
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
R3 MQAC; C:\WINDOWS\system32\drivers\mqac.sys [91776 2009-06-22] (Microsoft Corporation) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [3626112 2008-04-28] (Intel Corporation)
S3 nm; C:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-14] (Microsoft Corporation)
S3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R1 RsvLock; C:\WINDOWS\system32\Drivers\RsvLock.sys [12496 2008-05-13] (SafeBoot International)
R0 SafeBoot; C:\WINDOWS\system32\Drivers\SafeBoot.sys [108752 2008-05-13] () [File not signed]
R0 SbAlg; C:\WINDOWS\system32\Drivers\SbAlg.sys [51376 2008-05-13] (SafeBoot N.V.)
R0 SbFsLock; C:\WINDOWS\system32\Drivers\SbFsLock.sys [12928 2008-05-13] (SafeBoot International)
R0 SFAUDIO; C:\WINDOWS\System32\drivers\sfaudio.sys [24064 2008-03-28] (Sonic Focus, Inc)
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2006-03-13] (Protection Technology (StarForce)) [File not signed]
S3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [35913 2001-10-24] (SMC)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2010-02-22] () [File not signed]
S3 SynasUSB; C:\WINDOWS\System32\drivers\SynasUSB.sys [18432 2006-11-23] (SIA Syncrosoft) [File not signed]
S3 usb_rndis; C:\WINDOWS\System32\DRIVERS\usb8023.sys [12800 2008-04-14] (Microsoft Corporation)
U3 ae09ri8d; C:\WINDOWS\system32\Drivers\ae09ri8d.sys [0 ] (Microsoft Corporation)
U1 eabfiltr;
S3 GarenaPEngine; \??\C:\DOCUME~1\Svorcova\LOCALS~1\Temp\KGC68.tmp [X]
S3 GGSAFERDriver; \??\G:\Garena Plus\Room\safedrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-24 08:45 - 2014-07-24 08:46 - 00023486 _____ () C:\Documents and Settings\Svorcova\Plocha\FRST.txt
2014-07-24 08:45 - 2014-07-24 08:45 - 00000000 ____D () C:\FRST
2014-07-24 08:43 - 2014-07-24 08:43 - 01084416 _____ (Farbar) C:\Documents and Settings\Svorcova\Plocha\FRST.exe
2014-07-24 08:40 - 2014-07-24 08:40 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Svorcova\Plocha\FRSTLauncher.exe
2014-07-23 18:26 - 2014-07-23 18:26 - 00704451 _____ () C:\Documents and Settings\Svorcova\Plocha\FindStatGen45Beta.gsk
2014-07-23 18:23 - 2014-07-23 09:03 - 33054353 _____ () C:\Documents and Settings\Svorcova\Plocha\5401873.gpx
2014-07-22 22:05 - 2014-07-22 22:06 - 00000000 ____D () C:\Program Files\Unlocker
2014-07-22 22:05 - 2014-07-22 22:05 - 00000000 ____D () C:\Documents and Settings\Svorcova\Nabídka Start\Programy\Unlocker
2014-07-22 22:00 - 2014-07-22 22:00 - 04812672 _____ (Piriform Ltd) C:\Documents and Settings\Svorcova\Plocha\ccsetup415.exe
2014-07-21 17:35 - 2014-07-23 21:54 - 00000000 ____D () C:\Documents and Settings\Svorcova\Plocha\Impérium-Mafie-v-Atlantic-City
2014-07-12 18:53 - 2014-07-12 18:53 - 00000000 ____D () C:\Documents and Settings\All Users\Dokumenty\CrashDump
2014-07-06 18:38 - 2014-07-06 18:38 - 00000000 ____D () C:\Documents and Settings\Svorcova\Data aplikací\AVAST Software
2014-07-06 18:37 - 2014-07-06 18:37 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2014-07-04 16:39 - 2014-07-04 16:38 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-04 16:38 - 2014-07-04 16:38 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-01 18:31 - 2014-07-24 08:30 - 00000394 _____ () C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1401898988.job
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-24 08:46 - 2014-07-24 08:45 - 00023486 _____ () C:\Documents and Settings\Svorcova\Plocha\FRST.txt
2014-07-24 08:46 - 2010-02-04 10:52 - 00000000 ____D () C:\Documents and Settings\Svorcova\Local Settings\Temp
2014-07-24 08:45 - 2014-07-24 08:45 - 00000000 ____D () C:\FRST
2014-07-24 08:45 - 2010-02-04 10:52 - 00000000 ____D () C:\Documents and Settings\Svorcova\Plocha
2014-07-24 08:44 - 2010-02-04 10:52 - 00000000 ___HD () C:\Documents and Settings\Svorcova\Local Settings\Data aplikací
2014-07-24 08:43 - 2014-07-24 08:43 - 01084416 _____ (Farbar) C:\Documents and Settings\Svorcova\Plocha\FRST.exe
2014-07-24 08:40 - 2014-07-24 08:40 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Svorcova\Plocha\FRSTLauncher.exe
2014-07-24 08:36 - 2013-04-25 18:55 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-07-24 08:30 - 2014-07-01 18:31 - 00000394 _____ () C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1401898988.job
2014-07-24 08:30 - 2011-02-06 18:40 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-24 08:30 - 2004-09-08 11:13 - 01931080 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-24 08:29 - 2010-11-06 18:53 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-24 08:29 - 2010-11-06 18:53 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-07-24 08:29 - 2008-07-09 05:48 - 00000000 ____D () C:\Documents and Settings\All Users\HPQLOG
2014-07-24 08:29 - 2004-09-08 11:13 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-23 21:56 - 2010-02-04 10:52 - 00000178 ___SH () C:\Documents and Settings\Svorcova\ntuser.ini
2014-07-23 21:56 - 2010-02-04 10:52 - 00000000 ____D () C:\Documents and Settings\Svorcova
2014-07-23 21:56 - 2004-09-08 11:13 - 00032590 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-23 21:55 - 2012-06-07 09:32 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-23 21:54 - 2014-07-21 17:35 - 00000000 ____D () C:\Documents and Settings\Svorcova\Plocha\Impérium-Mafie-v-Atlantic-City
2014-07-23 21:54 - 2010-02-20 21:23 - 00117760 _____ () C:\Documents and Settings\Svorcova\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-23 21:22 - 2011-02-06 18:40 - 00000944 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-23 19:51 - 2010-12-27 23:39 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini
2014-07-23 19:51 - 2010-02-20 21:24 - 00000000 ____D () C:\Documents and Settings\Svorcova\Data aplikací\dvdcss
2014-07-23 19:51 - 2010-02-16 18:57 - 00000000 ____D () C:\Documents and Settings\Svorcova\Data aplikací\vlc
2014-07-23 19:50 - 2013-09-09 19:10 - 00000000 ____D () C:\Documents and Settings\Svorcova\Plocha\Foto na výpal
2014-07-23 19:00 - 2010-10-17 20:56 - 00000000 ____D () C:\Documents and Settings\Svorcova\Data aplikací\gsak
2014-07-23 18:51 - 2010-10-17 20:56 - 00000000 ____D () C:\Program Files\gsak
2014-07-23 18:26 - 2014-07-23 18:26 - 00704451 _____ () C:\Documents and Settings\Svorcova\Plocha\FindStatGen45Beta.gsk
2014-07-23 18:03 - 2011-05-02 18:52 - 00000000 ____D () C:\Documents and Settings\Svorcova\Plocha\UZbody
2014-07-23 17:57 - 2013-02-15 17:47 - 00000000 ____D () C:\Documents and Settings\Svorcova\Plocha\Pavel 8.2013
2014-07-23 09:03 - 2014-07-23 18:23 - 33054353 _____ () C:\Documents and Settings\Svorcova\Plocha\5401873.gpx
2014-07-22 22:06 - 2014-07-22 22:05 - 00000000 ____D () C:\Program Files\Unlocker
2014-07-22 22:05 - 2014-07-22 22:05 - 00000000 ____D () C:\Documents and Settings\Svorcova\Nabídka Start\Programy\Unlocker
2014-07-22 22:05 - 2010-02-04 10:52 - 00000000 ___RD () C:\Documents and Settings\Svorcova\Nabídka Start\Programy
2014-07-22 22:01 - 2010-02-09 16:34 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-22 22:00 - 2014-07-22 22:00 - 04812672 _____ (Piriform Ltd) C:\Documents and Settings\Svorcova\Plocha\ccsetup415.exe
2014-07-22 18:32 - 2014-06-04 18:23 - 00000000 ____D () C:\Program Files\Opera
2014-07-20 18:54 - 2004-09-08 11:12 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-12 22:07 - 2012-10-01 21:33 - 01947234 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-2560769980-3457516315-1502140107-1006-0.dat
2014-07-12 22:07 - 2012-02-04 18:33 - 00392970 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2014-07-12 18:53 - 2014-07-12 18:53 - 00000000 ____D () C:\Documents and Settings\All Users\Dokumenty\CrashDump
2014-07-12 18:53 - 2008-07-09 14:06 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokumenty
2014-07-11 19:31 - 2014-06-18 20:17 - 00000000 ____D () C:\Documents and Settings\Svorcova\Plocha\EC - archiv
2014-07-08 20:55 - 2012-06-07 09:32 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-08 20:55 - 2011-11-02 18:52 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-07-06 18:56 - 2011-02-06 18:40 - 00000000 ____D () C:\Documents and Settings\Svorcova\Local Settings\Data aplikací\Temp
2014-07-06 18:46 - 2013-04-25 18:55 - 00414520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-06 18:38 - 2014-07-06 18:38 - 00000000 ____D () C:\Documents and Settings\Svorcova\Data aplikací\AVAST Software
2014-07-06 18:38 - 2010-02-04 10:52 - 00000000 __RHD () C:\Documents and Settings\Svorcova\Data aplikací
2014-07-06 18:37 - 2014-07-06 18:37 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2014-07-04 16:39 - 2013-04-25 18:55 - 00001733 _____ () C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2014-07-04 16:39 - 2008-07-09 14:06 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-07-04 16:38 - 2014-07-04 16:39 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-04 16:38 - 2014-07-04 16:38 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-04 16:38 - 2013-04-25 18:55 - 00779536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-07-04 16:38 - 2013-04-25 18:55 - 00276432 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-04 16:38 - 2013-04-25 18:55 - 00192352 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-04 16:38 - 2013-04-25 18:55 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-04 16:38 - 2013-04-25 18:55 - 00057800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-07-04 16:38 - 2013-04-25 18:55 - 00055112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-07-04 16:38 - 2013-04-25 18:55 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-04 16:37 - 2013-04-25 18:50 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2014-07-04 16:36 - 2004-09-08 10:57 - 00002503 _____ () C:\WINDOWS\system32\config.nt
2014-06-30 20:30 - 2014-03-12 19:52 - 00000000 ____D () C:\Documents and Settings\Svorcova\Plocha\ING
Some content of TEMP:
====================
C:\Documents and Settings\Svorcova\Local Settings\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:231.87 GB) (Free:112.72 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (HP_TOOLS) (Fixed) (Total:1 GB) (Free:0.98 GB) FAT32
Available physical RAM: 1773.51 MB
Total physical RAM: 2972.19 MB
Percentage of memory in use: 40%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 233 GB) (Disk ID: DABFDABF)
Partition 1: (Active) - (Size=232 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1 GB) - (Type=0C)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not bemove.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1401898988.job => C:\Program Files\Opera\launcher.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\Svorcova\Plocha" je 24206 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool
"C:\Program Files\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPWRTOOLBOX
C:\Program Files\Hewlett-Packard\hp deskjet 460 series\Toolbox\HPWRTBX.exe "-i" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files\Samsung\Kies\Kies.exe /preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Documents and Settings\\Svorcova\\Plocha\\Miranda\\miranda32.exe"="C:\\Documents and Settings\\Svorcova\\Plocha\\Miranda\\miranda32.exe:*:Enabled:Miranda IM"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\\Hry\\Stronghold Crusader\\Stronghold Crusader.exe"="C:\\Hry\\Stronghold Crusader\\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\QIP\\qip.exe"="C:\\Program Files\\QIP\\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\\Documents and Settings\\Svorcova\\Data aplikac\\GameRanger\\GameRanger\\GameRanger.exe"="C:\\Documents and Settings\\Svorcova\\Data aplikac\\GameRanger\\GameRanger\\GameRanger.exe:*:Enabled:GameRanger"
"C:\\Hry\\Re-Volt\\REVOLT.EXE"="C:\\Hry\\Re-Volt\\REVOLT.EXE:*:Enabled:REVOLT"
"C:\\Program Files\\Steam\\Steam.exe"="C:\\Program Files\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Nakido\\nakido.exe"="C:\\Program Files\\Nakido\\nakido.exe:*:Enabled:Nakido"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\system32\\muzapp.exe"="C:\\WINDOWS\\system32\\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\Program Files\\Steam\\SteamApps\\common\\Pinball FX2\\Pinball FX2.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\Pinball FX2\\Pinball FX2.exe:*:Enabled:Pinball FX2"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"16000:UDP"="16000:UDP:*:Enabled:UDP port 16000"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
2014-07-24 08:45 - 2010-02-04 10:52 - 00000000 ____D () C:\Documents and Settings\Svorcova\Plocha
2014-07-24 08:44 - 2010-02-04 10:52 - 00000000 ___HD () C:\Documents and Settings\Svorcova\Local Settings\Data aplikací
2014-07-24 08:43 - 2014-07-24 08:43 - 01084416 _____ (Farbar) C:\Documents and Settings\Svorcova\Plocha\FRST.exe
2014-07-24 08:40 - 2014-07-24 08:40 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Svorcova\Plocha\FRSTLauncher.exe
2014-07-24 08:36 - 2013-04-25 18:55 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-07-24 08:30 - 2014-07-01 18:31 - 00000394 _____ () C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1401898988.job
2014-07-24 08:30 - 2011-02-06 18:40 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-24 08:30 - 2004-09-08 11:13 - 01931080 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-24 08:29 - 2010-11-06 18:53 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-24 08:29 - 2010-11-06 18:53 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-07-24 08:29 - 2008-07-09 05:48 - 00000000 ____D () C:\Documents and Settings\All Users\HPQLOG
2014-07-24 08:29 - 2004-09-08 11:13 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-23 21:56 - 2010-02-04 10:52 - 00000178 ___SH () C:\Documents and Settings\Svorcova\ntuser.ini
2014-07-23 21:56 - 2010-02-04 10:52 - 00000000 ____D () C:\Documents and Settings\Svorcova
2014-07-23 21:56 - 2004-09-08 11:13 - 00032590 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-23 21:55 - 2012-06-07 09:32 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-23 21:54 - 2014-07-21 17:35 - 00000000 ____D () C:\Documents and Settings\Svorcova\Plocha\Impérium-Mafie-v-Atlantic-City
2014-07-23 21:54 - 2010-02-20 21:23 - 00117760 _____ () C:\Documents and Settings\Svorcova\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-23 21:22 - 2011-02-06 18:40 - 00000944 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-23 19:51 - 2010-12-27 23:39 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini
2014-07-23 19:51 - 2010-02-20 21:24 - 00000000 ____D () C:\Documents and Settings\Svorcova\Data aplikací\dvdcss
2014-07-23 19:51 - 2010-02-16 18:57 - 00000000 ____D () C:\Documents and Settings\Svorcova\Data aplikací\vlc
2014-07-23 19:50 - 2013-09-09 19:10 - 00000000 ____D () C:\Documents and Settings\Svorcova\Plocha\Foto na výpal
2014-07-23 19:00 - 2010-10-17 20:56 - 00000000 ____D () C:\Documents and Settings\Svorcova\Data aplikací\gsak
2014-07-23 18:51 - 2010-10-17 20:56 - 00000000 ____D () C:\Program Files\gsak
2014-07-23 18:26 - 2014-07-23 18:26 - 00704451 _____ () C:\Documents and Settings\Svorcova\Plocha\FindStatGen45Beta.gsk
2014-07-23 18:03 - 2011-05-02 18:52 - 00000000 ____D () C:\Documents and Settings\Svorcova\Plocha\UZbody
2014-07-23 17:57 - 2013-02-15 17:47 - 00000000 ____D () C:\Documents and Settings\Svorcova\Plocha\Pavel 8.2013
2014-07-23 09:03 - 2014-07-23 18:23 - 33054353 _____ () C:\Documents and Settings\Svorcova\Plocha\5401873.gpx
2014-07-22 22:06 - 2014-07-22 22:05 - 00000000 ____D () C:\Program Files\Unlocker
2014-07-22 22:05 - 2014-07-22 22:05 - 00000000 ____D () C:\Documents and Settings\Svorcova\Nabídka Start\Programy\Unlocker
2014-07-22 22:05 - 2010-02-04 10:52 - 00000000 ___RD () C:\Documents and Settings\Svorcova\Nabídka Start\Programy
2014-07-22 22:01 - 2010-02-09 16:34 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-22 22:00 - 2014-07-22 22:00 - 04812672 _____ (Piriform Ltd) C:\Documents and Settings\Svorcova\Plocha\ccsetup415.exe
2014-07-22 18:32 - 2014-06-04 18:23 - 00000000 ____D () C:\Program Files\Opera
2014-07-20 18:54 - 2004-09-08 11:12 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-12 22:07 - 2012-10-01 21:33 - 01947234 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-2560769980-3457516315-1502140107-1006-0.dat
2014-07-12 22:07 - 2012-02-04 18:33 - 00392970 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2014-07-12 18:53 - 2014-07-12 18:53 - 00000000 ____D () C:\Documents and Settings\All Users\Dokumenty\CrashDump
2014-07-12 18:53 - 2008-07-09 14:06 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokumenty
2014-07-11 19:31 - 2014-06-18 20:17 - 00000000 ____D () C:\Documents and Settings\Svorcova\Plocha\EC - archiv
2014-07-08 20:55 - 2012-06-07 09:32 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-08 20:55 - 2011-11-02 18:52 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-07-06 18:56 - 2011-02-06 18:40 - 00000000 ____D () C:\Documents and Settings\Svorcova\Local Settings\Data aplikací\Temp
2014-07-06 18:46 - 2013-04-25 18:55 - 00414520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-06 18:38 - 2014-07-06 18:38 - 00000000 ____D () C:\Documents and Settings\Svorcova\Data aplikací\AVAST Software
2014-07-06 18:38 - 2010-02-04 10:52 - 00000000 __RHD () C:\Documents and Settings\Svorcova\Data aplikací
2014-07-06 18:37 - 2014-07-06 18:37 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2014-07-04 16:39 - 2013-04-25 18:55 - 00001733 _____ () C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2014-07-04 16:39 - 2008-07-09 14:06 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-07-04 16:38 - 2014-07-04 16:39 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-04 16:38 - 2014-07-04 16:38 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-04 16:38 - 2013-04-25 18:55 - 00779536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-07-04 16:38 - 2013-04-25 18:55 - 00276432 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-04 16:38 - 2013-04-25 18:55 - 00192352 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-04 16:38 - 2013-04-25 18:55 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-04 16:38 - 2013-04-25 18:55 - 00057800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-07-04 16:38 - 2013-04-25 18:55 - 00055112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-07-04 16:38 - 2013-04-25 18:55 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-04 16:37 - 2013-04-25 18:50 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2014-07-04 16:36 - 2004-09-08 10:57 - 00002503 _____ () C:\WINDOWS\system32\config.nt
2014-06-30 20:30 - 2014-03-12 19:52 - 00000000 ____D () C:\Documents and Settings\Svorcova\Plocha\ING
Some content of TEMP:
====================
C:\Documents and Settings\Svorcova\Local Settings\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:231.87 GB) (Free:112.72 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (HP_TOOLS) (Fixed) (Total:1 GB) (Free:0.98 GB) FAT32
Available physical RAM: 1773.51 MB
Total physical RAM: 2972.19 MB
Percentage of memory in use: 40%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 233 GB) (Disk ID: DABFDABF)
Partition 1: (Active) - (Size=232 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1 GB) - (Type=0C)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not bemove.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1401898988.job => C:\Program Files\Opera\launcher.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\Svorcova\Plocha" je 24206 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool
"C:\Program Files\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPWRTOOLBOX
C:\Program Files\Hewlett-Packard\hp deskjet 460 series\Toolbox\HPWRTBX.exe "-i" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files\Samsung\Kies\Kies.exe /preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Documents and Settings\\Svorcova\\Plocha\\Miranda\\miranda32.exe"="C:\\Documents and Settings\\Svorcova\\Plocha\\Miranda\\miranda32.exe:*:Enabled:Miranda IM"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\\Hry\\Stronghold Crusader\\Stronghold Crusader.exe"="C:\\Hry\\Stronghold Crusader\\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\QIP\\qip.exe"="C:\\Program Files\\QIP\\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\\Documents and Settings\\Svorcova\\Data aplikac\\GameRanger\\GameRanger\\GameRanger.exe"="C:\\Documents and Settings\\Svorcova\\Data aplikac\\GameRanger\\GameRanger\\GameRanger.exe:*:Enabled:GameRanger"
"C:\\Hry\\Re-Volt\\REVOLT.EXE"="C:\\Hry\\Re-Volt\\REVOLT.EXE:*:Enabled:REVOLT"
"C:\\Program Files\\Steam\\Steam.exe"="C:\\Program Files\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Nakido\\nakido.exe"="C:\\Program Files\\Nakido\\nakido.exe:*:Enabled:Nakido"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\system32\\muzapp.exe"="C:\\WINDOWS\\system32\\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\Program Files\\Steam\\SteamApps\\common\\Pinball FX2\\Pinball FX2.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\Pinball FX2\\Pinball FX2.exe:*:Enabled:Pinball FX2"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"16000:UDP"="16000:UDP:*:Enabled:UDP port 16000"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================