MBAM won't even install - junk in the computer
Posted: 25 Jul 2014 20:16
Hello,
Please help me with this computer. Something is evidently wrong with it. The family fought some "virus" in an amateurish way, but apparently did not get rid of it completely. I wanted to run an MBAM scan and an update to a newer version popped up, so I tried to install it, but a runtime error popped up during the installation, so nothing came of it and the older version is gone. Because I have run into something similar before, I tried to install MBAM using the Chameleon utility from Malwarebytes, but the error pops up during that attempt as well. I also tried MBAM Portable, but after installation it in turn says that I should turn off Chameleon, which I had already deleted beforehand.
I'm at a loss. The computer is far too sluggish, even considering that it is an old clunker, and my non-technical family keeps pestering me to do something about it. I would be very grateful for any help!
Here is the FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-07-2014 01
Ran by dharma (administrator) on DHARMA-A14GPJLV on 25-07-2014 21:14:36
Running from C:\Documents and Settings\dharma\Plocha
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Adobe Sytems Incorporated) C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Documents and Settings\dharma\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: NBHShellExt -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files\Nero\Nero8\InCD\NBHShx.dll (Nero AG)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Podpora odkazu pro Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB} http://download.microsoft.com/download/ ... msorun.cab
DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Tcpip\..\Interfaces\{D535C484-1F1E-41D8-9FFF-A96EBC8FABE1}: [NameServer]194.228.41.65,194.228.41.113
FireFox:
========
FF ProfilePath: C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default
FF NetworkProxy: "backup.ftp", "46.36.35.24"
FF NetworkProxy: "backup.ftp_port", 8118
FF NetworkProxy: "backup.socks", "46.36.35.24"
FF NetworkProxy: "backup.socks_port", 8118
FF NetworkProxy: "backup.ssl", "46.36.35.24"
FF NetworkProxy: "backup.ssl_port", 8118
FF NetworkProxy: "ftp", "201.238.233.211"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "201.238.233.211"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "201.238.233.211"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "201.238.233.211"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer - D:\Program Files\TVUPlayer\npTVUAx.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin: @videolan.org/vlc,version=2.1.0 - D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @acestream.net/acestreamplugin,version=2.2.0-next - C:\Documents and Settings\dharma\Data aplikací\ACEStream\player\npace_plugin.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\dharma\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\searchplugins\google-esk-republika.xml
FF SearchPlugin: C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\searchplugins\google-ssl.xml
FF SearchPlugin: C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\searchplugins\startpage-https.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: České slovníky pro kontrolu pravopisu - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\Extensions\cs@dictionaries.addons.mozilla(2).org [2013-12-10]
FF Extension: DownloadHelper - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: DownloadHelper - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2) [2013-12-10]
FF Extension: Download Statusbar - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}(2) [2013-12-10]
FF Extension: anonymoX - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\Extensions\client@anonymox.net.xpi [2013-12-10]
FF Extension: MEGA - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\Extensions\firefox@mega.co.nz.xpi [2013-12-19]
FF Extension: Adblock Plus - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-10]
FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky(2).ru [2014-06-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-01-22]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{55A8EC97-6AF6-442c-877F-11C51DBD162D}] - C:\Program Files\Tomabo\YouTube Video Downloader\YTVD_FF.xpi
FF Extension: YouTube Video Downloader Extension - C:\Program Files\Tomabo\YouTube Video Downloader\YTVD_FF.xpi [2014-03-07]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-01]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-07-02]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [magicplayer@torrentstream.org] - C:\Documents and Settings\dharma\Data aplikací\ACEStream\extensions\firefox\magicplayer@torrentstream.org
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.
S4 Adobe Version Cue CS2; C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-05-25] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-01] (AVAST Software)
S4 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
S4 InCDsrvR; C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe [1440552 2008-02-28] (Nero AG)
S4 NeroRegInCDSrv; C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [53032 2008-02-28] (Nero AG)
S4 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2214504 2011-05-25] (NVIDIA Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-07-01] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-07-01] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-07-01] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-07-01] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-07-01] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-07-07] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-07-01] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-07-01] ()
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [278728 2009-08-10] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan)
R1 Eve; C:\WINDOWS\System32\DRIVERS\eve.sys [33624 2013-03-28] ()
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [25280 2010-12-31] (LogMeIn, Inc.)
S3 hidgame; C:\WINDOWS\System32\DRIVERS\hidgame.sys [8576 2003-04-16] (Microsoft Corporation)
R1 HMFAxCore5decdc700443adec5f3e84408e3098ff; C:\WINDOWS\HMFAxCore5decdc700443adec5f3e84408e3098ff.sys [96328 2014-03-31] (Eltima Software)
R1 incdrm; C:\WINDOWS\System32\drivers\InCDRm.sys [40360 2008-02-28] (Nero AG)
S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [145280 2012-03-02] (ITE )
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25416 2009-08-10] ()
R3 LUsbFilt; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [53208 2014-05-12] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 msloop; C:\WINDOWS\System32\DRIVERS\loop.sys [4992 2003-04-16] (Microsoft Corporation)
S3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-18] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2010-07-16] (CACE Technologies, Inc.)
S2 nvcap; C:\WINDOWS\System32\DRIVERS\nvcap.sys [116924 2002-11-18] (NVIDIA Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [66688 2009-07-01] (NVIDIA Corporation)
R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [164896 2009-06-30] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [13824 2009-07-01] (NVIDIA Corporation)
S2 NVXBAR; C:\WINDOWS\System32\DRIVERS\NVxbar.sys [10814 2002-11-18] (NVIDIA Corporation)
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [46592 2008-04-14] (Microsoft Corporation)
R1 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH)
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2003-12-05] (Padus, Inc.)
R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [113608 2013-04-15] (Power Software Ltd)
S3 SE1008mdm; C:\WINDOWS\System32\DRIVERS\SE1008mdm.sys [58536 2009-02-12] (Sony Ericsson)
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [466008 2013-07-31] (Duplex Secure Ltd.)
S3 tap0901_2gm; C:\WINDOWS\System32\DRIVERS\tap0901_2gm.sys [30720 2007-06-21] (The OpenVPN Project)
S3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc)
R2 thdudf; C:\WINDOWS\System32\DRIVERS\thdudf.sys [66944 2006-11-11] (TOSHIBA Corporation)
R0 TPkd; C:\WINDOWS\system32\Drivers\TPkd.sys [93336 2012-11-17] (PACE Anti-Piracy, Inc.)
S3 catchme; \??\C:\DOCUME~1\dharma\LOCALS~1\Temp\catchme.sys [X]
S3 OSFMount; \??\C:\Program Files\OSFMount\OSFMount.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [225856 2008-06-20] (Microsoft Corporation)
S3 vdrive; system32\DRIVERS\vdrive.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-25 21:14 - 2014-07-25 21:15 - 00019422 _____ () C:\Documents and Settings\dharma\Plocha\FRST.txt
2014-07-25 21:14 - 2014-07-25 21:14 - 00000832 _____ () C:\Documents and Settings\dharma\Plocha\bfu.txt
2014-07-25 21:12 - 2014-07-25 21:12 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\dharma\Plocha\FRSTLauncher.exe
2014-07-25 21:11 - 2014-07-25 21:11 - 01084416 _____ (Farbar) C:\Documents and Settings\dharma\Plocha\FRST.exe
2014-07-23 22:12 - 2014-07-23 22:12 - 00014720 _____ () C:\Documents and Settings\dharma\Plocha\Grafika1.cdr
2014-07-17 17:00 - 2014-07-21 20:12 - 00000000 ____D () C:\Documents and Settings\dharma\Plocha\sandrik
2014-07-12 19:33 - 2014-07-21 20:12 - 00000000 ____D () C:\Documents and Settings\dharma\Plocha\kat
2014-07-11 13:26 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-09 12:57 - 2014-07-23 19:16 - 00007814 _____ () C:\WINDOWS\setupapi.log
2014-07-08 15:40 - 2014-07-11 10:29 - 00000000 _____ () C:\Documents and Settings\dharma\ntuser.tmp
2014-07-02 19:50 - 2014-07-02 19:50 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
2014-07-02 19:47 - 2014-07-02 19:47 - 00001919 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe FormsCentral.lnk
2014-07-02 19:47 - 2014-07-02 19:47 - 00001855 _____ () C:\Documents and Settings\All Users\Plocha\Adobe FormsCentral.lnk
2014-07-02 19:47 - 2014-07-02 19:47 - 00001808 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Acrobat XI Pro.lnk
2014-07-02 19:47 - 2014-07-02 19:47 - 00001758 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Acrobat Distiller XI.lnk
2014-07-02 19:47 - 2014-07-02 19:47 - 00001741 _____ () C:\Documents and Settings\All Users\Plocha\Adobe Acrobat XI Pro.lnk
2014-07-02 17:46 - 2014-07-02 18:02 - 00000000 ____D () C:\Documents and Settings\dharma\Adobe Acrobat XI Pro
2014-07-02 17:38 - 2014-07-02 17:38 - 00000000 ____D () C:\Documents and Settings\dharma\Data aplikací\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-07-02 17:37 - 2014-07-02 17:37 - 00000796 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Download Assistant.lnk
2014-07-02 17:37 - 2014-07-02 17:37 - 00000790 _____ () C:\Documents and Settings\All Users\Plocha\Adobe Download Assistant.lnk
2014-07-02 17:37 - 2014-07-02 17:37 - 00000000 ____D () C:\Program Files\Adobe Download Assistant
2014-07-02 17:37 - 2014-07-02 17:37 - 00000000 ____D () C:\Documents and Settings\Default User\Data aplikací\Macromedia
2014-07-02 17:36 - 2014-07-02 17:36 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-07-02 16:54 - 2014-07-02 16:54 - 00000000 ____D () C:\Documents and Settings\dharma\Data aplikací\LibreOffice
2014-07-02 16:45 - 2014-07-02 16:46 - 00000000 ___SD () C:\Documents and Settings\All Users\Nabídka Start\Programy\LibreOffice 4.2
2014-07-02 16:45 - 2014-07-02 16:45 - 00000831 _____ () C:\Documents and Settings\All Users\Plocha\LibreOffice 4.2.lnk
2014-07-02 16:36 - 2014-07-02 16:44 - 00000000 ____D () C:\Program Files\LibreOffice 4
2014-07-01 22:19 - 2014-07-01 22:19 - 00000000 ____D () C:\Documents and Settings\dharma\Data aplikací\AVAST Software
2014-07-01 22:18 - 2014-07-01 22:18 - 00001733 _____ () C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2014-07-01 22:18 - 2014-07-01 22:18 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2014-07-01 22:18 - 2014-07-01 22:18 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
2014-07-01 22:17 - 2014-07-25 20:55 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-07-01 22:15 - 2014-07-07 18:48 - 00414520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-01 22:15 - 2014-07-01 22:14 - 00779536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-07-01 22:15 - 2014-07-01 22:14 - 00192352 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-01 22:15 - 2014-07-01 22:14 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-01 22:15 - 2014-07-01 22:14 - 00057800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-07-01 22:15 - 2014-07-01 22:14 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-01 22:14 - 2014-07-01 22:14 - 00276432 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-01 22:14 - 2014-07-01 22:14 - 00055112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-07-01 22:14 - 2014-07-01 22:14 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-01 22:14 - 2014-07-01 22:14 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-01 22:11 - 2014-07-01 22:11 - 00000000 ____D () C:\Program Files\AVAST Software
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-25 21:15 - 2014-07-25 21:14 - 00019422 _____ () C:\Documents and Settings\dharma\Plocha\FRST.txt
2014-07-25 21:15 - 2014-03-11 00:31 - 00000000 ____D () C:\Documents and Settings\dharma\Local Settings\temp
2014-07-25 21:14 - 2014-07-25 21:14 - 00000832 _____ () C:\Documents and Settings\dharma\Plocha\bfu.txt
2014-07-25 21:14 - 2014-04-18 13:12 - 00000000 ____D () C:\FRST
2014-07-25 21:14 - 2009-02-15 20:19 - 00000000 ___HD () C:\Documents and Settings\dharma\Local Settings\Data aplikací
2014-07-25 21:14 - 2009-02-15 20:19 - 00000000 ____D () C:\Documents and Settings\dharma\Plocha
2014-07-25 21:13 - 2009-09-02 09:37 - 00000000 ____D () C:\Documents and Settings\dharma\Dokumenty\Stažené soubory
2014-07-25 21:12 - 2014-07-25 21:12 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\dharma\Plocha\FRSTLauncher.exe
2014-07-25 21:11 - 2014-07-25 21:11 - 01084416 _____ (Farbar) C:\Documents and Settings\dharma\Plocha\FRST.exe
2014-07-25 20:55 - 2014-07-01 22:17 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-07-25 20:55 - 2014-05-10 01:47 - 00417278 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-25 20:54 - 2011-03-23 18:09 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-25 20:54 - 2011-03-23 18:09 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-07-25 20:54 - 2009-02-15 20:09 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-25 20:54 - 2003-04-16 14:00 - 00012598 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-25 20:52 - 2009-02-15 20:19 - 00000272 ___SH () C:\Documents and Settings\dharma\ntuser.ini
2014-07-25 20:52 - 2009-02-15 20:14 - 00032504 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-25 20:39 - 2010-12-30 12:37 - 00000682 _____ () C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2014-07-25 20:38 - 2009-08-06 00:17 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-23 22:12 - 2014-07-23 22:12 - 00014720 _____ () C:\Documents and Settings\dharma\Plocha\Grafika1.cdr
2014-07-23 20:07 - 2014-05-16 18:18 - 00000000 ____D () C:\Documents and Settings\dharma\Plocha\web 2
2014-07-23 19:16 - 2014-07-09 12:57 - 00007814 _____ () C:\WINDOWS\setupapi.log
2014-07-23 19:16 - 2009-02-15 20:41 - 00000000 ____D () C:\WINDOWS\system32\ias
2014-07-22 18:21 - 2009-02-17 17:33 - 00000078 _____ () C:\WINDOWS\WatsonsBlockGame.ini
2014-07-21 20:12 - 2014-07-17 17:00 - 00000000 ____D () C:\Documents and Settings\dharma\Plocha\sandrik
2014-07-21 20:12 - 2014-07-12 19:33 - 00000000 ____D () C:\Documents and Settings\dharma\Plocha\kat
2014-07-20 17:01 - 2009-03-08 11:34 - 00009088 _____ () C:\WINDOWS\system32\rundll32.exe.Z-missing.txt
2014-07-19 21:25 - 2012-02-13 13:17 - 00000000 ____D () C:\Documents and Settings\dharma\Data aplikací\uTorrent
2014-07-18 11:59 - 2014-05-11 02:09 - 00071168 _____ () C:\Documents and Settings\dharma\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-11 13:15 - 2009-02-15 20:47 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-07-11 13:15 - 2009-02-15 20:47 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-07-11 10:29 - 2014-07-08 15:40 - 00000000 _____ () C:\Documents and Settings\dharma\ntuser.tmp
2014-07-11 10:29 - 2009-02-15 20:19 - 00000000 ____D () C:\Documents and Settings\dharma
2014-07-10 15:34 - 2014-03-31 15:18 - 00000371 ___SH () C:\WINDOWS\hlistHMFAxCore5decdc700443adec5f3e84408e3098ff
2014-07-10 15:34 - 2009-03-03 08:03 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\TEMP
2014-07-10 15:33 - 2014-03-31 15:18 - 00000126 ___SH () C:\WINDOWS\wlistHMFAxCore5decdc700443adec5f3e84408e3098ff
2014-07-10 07:07 - 2013-06-21 14:16 - 00000081 _____ () C:\out.txt
2014-07-08 07:59 - 2010-12-30 12:37 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2014-07-08 07:59 - 2009-08-05 17:28 - 00000000 ____D () C:\Documents and Settings\dharma\Nabídka Start\Programy\CCleaner
2014-07-08 07:29 - 2014-05-31 21:47 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-07-07 18:48 - 2014-07-01 22:15 - 00414520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-03 14:53 - 2010-01-09 20:16 - 00000000 ____D () C:\Documents and Settings\dharma\Local Settings\Data aplikací\Adobe
2014-07-02 20:08 - 2011-03-22 20:45 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Adobe
2014-07-02 19:50 - 2014-07-02 19:50 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
2014-07-02 19:50 - 2009-02-17 22:37 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-07-02 19:50 - 2009-02-15 20:47 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-07-02 19:47 - 2014-07-02 19:47 - 00001919 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe FormsCentral.lnk
2014-07-02 19:47 - 2014-07-02 19:47 - 00001855 _____ () C:\Documents and Settings\All Users\Plocha\Adobe FormsCentral.lnk
2014-07-02 19:47 - 2014-07-02 19:47 - 00001808 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Acrobat XI Pro.lnk
2014-07-02 19:47 - 2014-07-02 19:47 - 00001758 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Acrobat Distiller XI.lnk
2014-07-02 19:47 - 2014-07-02 19:47 - 00001741 _____ () C:\Documents and Settings\All Users\Plocha\Adobe Acrobat XI Pro.lnk
2014-07-02 18:56 - 2010-01-19 16:22 - 00000000 ____D () C:\Program Files\Adobe
2014-07-02 18:02 - 2014-07-02 17:46 - 00000000 ____D () C:\Documents and Settings\dharma\Adobe Acrobat XI Pro
2014-07-02 17:44 - 2010-01-10 16:22 - 00353200 ____H () C:\WINDOWS\system32\mlfcache.dat
2014-07-02 17:38 - 2014-07-02 17:38 - 00000000 ____D () C:\Documents and Settings\dharma\Data aplikací\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-07-02 17:38 - 2009-02-15 20:19 - 00000000 ___RD () C:\Documents and Settings\dharma\Data aplikací
2014-07-02 17:37 - 2014-07-02 17:37 - 00000796 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Download Assistant.lnk
2014-07-02 17:37 - 2014-07-02 17:37 - 00000790 _____ () C:\Documents and Settings\All Users\Plocha\Adobe Download Assistant.lnk
2014-07-02 17:37 - 2014-07-02 17:37 - 00000000 ____D () C:\Program Files\Adobe Download Assistant
2014-07-02 17:37 - 2014-07-02 17:37 - 00000000 ____D () C:\Documents and Settings\Default User\Data aplikací\Macromedia
2014-07-02 17:37 - 2009-02-15 20:47 - 00000000 __RHD () C:\Documents and Settings\Default User\Data aplikací
2014-07-02 17:36 - 2014-07-02 17:36 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-07-02 16:54 - 2014-07-02 16:54 - 00000000 ____D () C:\Documents and Settings\dharma\Data aplikací\LibreOffice
2014-07-02 16:52 - 2009-02-15 20:46 - 03391032 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-02 16:46 - 2014-07-02 16:45 - 00000000 ___SD () C:\Documents and Settings\All Users\Nabídka Start\Programy\LibreOffice 4.2
2014-07-02 16:45 - 2014-07-02 16:45 - 00000831 _____ () C:\Documents and Settings\All Users\Plocha\LibreOffice 4.2.lnk
2014-07-02 16:44 - 2014-07-02 16:36 - 00000000 ____D () C:\Program Files\LibreOffice 4
2014-07-02 16:02 - 2009-02-15 20:19 - 00000000 ___RD () C:\Documents and Settings\dharma\Nabídka Start\Programy
2014-07-02 16:02 - 2009-02-15 20:19 - 00000000 ___RD () C:\Documents and Settings\dharma\Nabídka Start
2014-07-02 16:00 - 2009-02-15 20:47 - 00000000 ___HD () C:\Documents and Settings\All Users\Šablony
2014-07-02 05:51 - 2010-06-26 12:09 - 00000000 ____D () C:\Documents and Settings\dharma\Local Settings\Data aplikací\Temp
2014-07-01 22:19 - 2014-07-01 22:19 - 00000000 ____D () C:\Documents and Settings\dharma\Data aplikací\AVAST Software
2014-07-01 22:18 - 2014-07-01 22:18 - 00001733 _____ () C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2014-07-01 22:18 - 2014-07-01 22:18 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2014-07-01 22:18 - 2014-07-01 22:18 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
2014-07-01 22:16 - 2014-05-04 19:01 - 00000000 ____D () C:\Program Files\Google
2014-07-01 22:14 - 2014-07-01 22:15 - 00779536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-07-01 22:14 - 2014-07-01 22:15 - 00192352 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-01 22:14 - 2014-07-01 22:15 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-01 22:14 - 2014-07-01 22:15 - 00057800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-07-01 22:14 - 2014-07-01 22:15 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-01 22:14 - 2014-07-01 22:14 - 00276432 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-01 22:14 - 2014-07-01 22:14 - 00055112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-07-01 22:14 - 2014-07-01 22:14 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-01 22:14 - 2014-07-01 22:14 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-01 22:11 - 2014-07-01 22:11 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-01 22:11 - 2014-03-06 11:24 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\AVAST Software
Some content of TEMP:
====================
C:\Documents and Settings\dharma\Local Settings\temp\_unps.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe
[2003-04-16 14:00] - [2008-04-14 09:52] - 1034240 ____N (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1
C:\WINDOWS\system32\winlogon.exe
[2003-04-16 14:00] - [2008-04-14 09:52] - 0507904 _____ (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea
C:\WINDOWS\system32\svchost.exe
[2003-04-16 14:00] - [2008-04-14 09:52] - 0014336 _____ (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93
C:\WINDOWS\system32\services.exe
[2003-04-16 14:00] - [2009-02-09 13:25] - 0111104 _____ (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7
C:\WINDOWS\system32\User32.dll
[2003-04-16 14:00] - [2008-04-14 09:52] - 0578560 _____ (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53
C:\WINDOWS\system32\userinit.exe
[2003-04-16 14:00] - [2008-04-14 09:52] - 0026112 _____ (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys
[2003-04-16 14:00] - [2008-04-14 08:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:37.27 GB) (Free:8.63 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:465.75 GB) (Free:68.58 GB) NTFS
Drive f: (Místní disk) (Fixed) (Total:74.53 GB) (Free:5.66 GB) NTFS
Available physical RAM: 968.46 MB
Total physical RAM: 1791.23 MB
Percentage of memory in use: 45%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 37 GB) (Disk ID: 1CE71CE6)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: 82842864)
Partition 1: (Not Active) - (Size=75 GB) - (Type=42)
Disk: 2 (Size: 466 GB) (Disk ID: F81BF81B)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:264A9BB7
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\dharma\Plocha" je 781 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr
"C:\Documents and Settings\dharma\Data aplikac\Seznam.cz\bin\wszndesktop.exe" -q [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer
"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1
%systemroot%\system32\dumprep 0 -k [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer
C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck
C:\Program Files\Samsung\Kies\Kies.exe /preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
"C:\Program Files\Lexmark 2500 Series\lxddamon.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16 [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxddamon
"C:\Program Files\Lexmark 2500 Series\lxddmon.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXDDCATS
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxddmon.exe
C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
"C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL
"C:\Documents and Settings\dharma\Data aplikac\uTorrent\uTorrent.exe" /MINIMIZED [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
Reim ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
Reim ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
Reim ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Adobe Gamma Loader.lnk
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^EPSON Status Monitor 3 Environment Check 2.lnk
C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Logitech SetPoint.lnk
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^dharma^Nabdka Start^Programy^Po sputn^MagicDisc.lnk
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^dharma^Nabdka Start^Programy^Po sputn^Vesmr na dlani.lnk
C:\PROGRA~1\NONOBL~1\vesmir.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
ose REG_DWORD 0x3
Nero BackItUp Scheduler 4.0 REG_DWORD 0x2
Lavasoft Ad-Aware Service REG_DWORD 0x2
Adobe LM Service REG_DWORD 0x3
NeroRegInCDSrv REG_DWORD 0x2
InCDsrvR REG_DWORD 0x2
Adobe Version Cue CS2 REG_DWORD 0x2
gusvc REG_DWORD 0x2
gupdate1c98fa28e326f70 REG_DWORD 0x2
NVSvc REG_DWORD 0x2
Adobe Version Cue CS4 REG_DWORD 0x3
EPSONStatusAgent2 REG_DWORD 0x2
JavaQuickStarterService REG_DWORD 0x2
ForcewareWebInterface REG_DWORD 0x2
idsvc REG_DWORD 0x3
IDriverT REG_DWORD 0x3
lxdd_device REG_DWORD 0x2
nvUpdatusService REG_DWORD 0x2
CyberLink PowerDVD 11.0 Service REG_DWORD 0x2
CyberLink PowerDVD 11.0 Monitor Service REG_DWORD 0x2
CryptSvc REG_DWORD 0x3
CLHNServiceForPowerDVD REG_DWORD 0x2
gupdatem REG_DWORD 0x3
gupdate REG_DWORD 0x2
FsUsbExService REG_DWORD 0x2
PnkBstrA REG_DWORD 0x2
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\CyberLink\\PowerDVD 9\\PowerDVD9.exe"="C:\\Program Files\\CyberLink\\PowerDVD 9\\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0"
"C:\\Program Files\\Lexmark 2500 Series\\app4r.exe"="C:\\Program Files\\Lexmark 2500 Series\\App4R.exe:*:Enabled:BorgListener"
"C:\\Documents and Settings\\dharma\\Dokumenty\\Staen soubory\\detect_routers\\detect_routers.exe"="C:\\Documents and Settings\\dharma\\Dokumenty\\Staen soubory\\detect_routers\\detect_routers.exe:*:Enabled:Detect Multiple Routers"
"C:\\Program Files\\Simple Port Forwarding\\spf.exe"="C:\\Program Files\\Simple Port Forwarding\\spf.exe:*:Enabled:Simple Port Forwarding By PcWinTech.com"
"C:\\Program Files\\Simple Port Tester\\spt.exe"="C:\\Program Files\\Simple Port Tester\\spt.exe:*:Enabled:Simple Port Tester"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Lexmark 2500 Series\\lxddamon.exe"="C:\\Program Files\\Lexmark 2500 Series\\lxddamon.exe:*:Enabled:Device Monitor Appliaction"
"C:\\Program Files\\Lexmark 2500 Series\\App4R.exe"="C:\\Program Files\\Lexmark 2500 Series\\App4R.exe:*:Enabled: "
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Disabled:Winamp"
"F:\\Program Files\\Battlefield 2\\BF2.exe"="F:\\Program Files\\Battlefield 2\\BF2.exe:*:Enabled:BF2"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddpswx.exe"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddpswx.exe:*:Enabled: "
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddtime.exe"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddtime.exe:*:Enabled: "
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"="C:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\WINDOWS\\system32\\muzapp.exe"="C:\\WINDOWS\\system32\\muzapp.exe:*:Enabled:MUZ AOD APP player"
"D:\\Program Files\\World_of_Tanks\\WOTLauncher.exe"="D:\\Program Files\\World_of_Tanks\\WOTLauncher.exe:*:Enabled:World of Tanks Launcher"
"D:\\Program Files\\World_of_Tanks\\WorldOfTanks.exe"="D:\\Program Files\\World_of_Tanks\\WorldOfTanks.exe:*:Enabled:World of Tanks"
"C:\\Program Files\\Simple Port Forwarding\\spf.exe"="C:\\Program Files\\Simple Port Forwarding\\spf.exe:*:Enabled:Simple Port Forwarding By PcWinTech.com"
"C:\\Program Files\\VSO\\VSO Downloader\\3\\VsoDownloader.exe"="C:\\Program Files\\VSO\\VSO Downloader\\3\\VsoDownloader.exe:*:Enabled:VSO Downloader"
"D:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="D:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player 2.0.8"
"D:\\Program Files\\eMule\\emule.exe"="D:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Simple Port Tester\\spt.exe"="C:\\Program Files\\Simple Port Tester\\spt.exe:*:Enabled:Simple Port Tester"
"C:\\Documents and Settings\\dharma\\Data aplikac\\uTorrent\\uTorrent.exe"="C:\\Documents and Settings\\dharma\\Data aplikac\\uTorrent\\uTorrent.exe:*:Enabled:Torrent"
"C:\\Program Files\\Tomabo\\YouTube Video Downloader\\YouTubeVideoDownloader.exe"="C:\\Program Files\\Tomabo\\YouTube Video Downloader\\YouTubeVideoDownloader.exe:*:Enabled:YouTube Video Downloader"
"C:\\Program Files\\LibreOffice 4\\program\\soffice.bin"="C:\\Program Files\\LibreOffice 4\\program\\soffice.bin:*:Enabled:LibreOffice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"
"54321:TCP"="54321:TCP:*:Enabled:uTorrent"
"5400:TCP"="5400:TCP:*:Enabled:ed"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
Please help me with this computer. There is evidently something wrong with it. The family fought some "virus" inexpertly, but apparently did not get rid of it completely. I wanted to run an MBAM scan and an update to a newer version popped up, so I tried to install it; however, a runtime error popped up during installation, so nothing came of it and the older version is gone. Because I have run into something similar before, I tried to install MBAM using the Chameleon utility from Malwarebytes, but the error pops up during that attempt as well. I also tried MBAM Portable, but after installation it says that I should turn off Chameleon, which I had already deleted beforehand.

I am at a loss; the computer is far too sluggish even for the old clunker that it is, and my non-technical (BFU) family keeps pestering me to do something about it. I will be very grateful for any help!
Here is the log from FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-07-2014 01
Ran by dharma (administrator) on DHARMA-A14GPJLV on 25-07-2014 21:14:36
Running from C:\Documents and Settings\dharma\Plocha
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Adobe Sytems Incorporated) C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Documents and Settings\dharma\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: NBHShellExt -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files\Nero\Nero8\InCD\NBHShx.dll (Nero AG)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Podpora odkazu pro Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB} http://download.microsoft.com/download/ ... msorun.cab
DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Tcpip\..\Interfaces\{D535C484-1F1E-41D8-9FFF-A96EBC8FABE1}: [NameServer]194.228.41.65,194.228.41.113
FireFox:
========
FF ProfilePath: C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default
FF NetworkProxy: "backup.ftp", "46.36.35.24"
FF NetworkProxy: "backup.ftp_port", 8118
FF NetworkProxy: "backup.socks", "46.36.35.24"
FF NetworkProxy: "backup.socks_port", 8118
FF NetworkProxy: "backup.ssl", "46.36.35.24"
FF NetworkProxy: "backup.ssl_port", 8118
FF NetworkProxy: "ftp", "201.238.233.211"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "201.238.233.211"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "201.238.233.211"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "201.238.233.211"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer - D:\Program Files\TVUPlayer\npTVUAx.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin: @videolan.org/vlc,version=2.1.0 - D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @acestream.net/acestreamplugin,version=2.2.0-next - C:\Documents and Settings\dharma\Data aplikací\ACEStream\player\npace_plugin.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\dharma\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\searchplugins\google-esk-republika.xml
FF SearchPlugin: C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\searchplugins\google-ssl.xml
FF SearchPlugin: C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\searchplugins\startpage-https.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: České slovníky pro kontrolu pravopisu - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\Extensions\cs@dictionaries.addons.mozilla(2).org [2013-12-10]
FF Extension: DownloadHelper - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: DownloadHelper - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2) [2013-12-10]
FF Extension: Download Statusbar - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}(2) [2013-12-10]
FF Extension: anonymoX - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\Extensions\client@anonymox.net.xpi [2013-12-10]
FF Extension: MEGA - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\Extensions\firefox@mega.co.nz.xpi [2013-12-19]
FF Extension: Adblock Plus - C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-10]
FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky(2).ru [2014-06-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-01-22]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{55A8EC97-6AF6-442c-877F-11C51DBD162D}] - C:\Program Files\Tomabo\YouTube Video Downloader\YTVD_FF.xpi
FF Extension: YouTube Video Downloader Extension - C:\Program Files\Tomabo\YouTube Video Downloader\YTVD_FF.xpi [2014-03-07]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-01]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-07-02]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [magicplayer@torrentstream.org] - C:\Documents and Settings\dharma\Data aplikací\ACEStream\extensions\firefox\magicplayer@torrentstream.org
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.
S4 Adobe Version Cue CS2; C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-05-25] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-01] (AVAST Software)
S4 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
S4 InCDsrvR; C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe [1440552 2008-02-28] (Nero AG)
S4 NeroRegInCDSrv; C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [53032 2008-02-28] (Nero AG)
S4 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2214504 2011-05-25] (NVIDIA Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-07-01] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-07-01] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-07-01] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-07-01] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-07-01] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-07-07] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-07-01] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-07-01] ()
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [278728 2009-08-10] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan)
R1 Eve; C:\WINDOWS\System32\DRIVERS\eve.sys [33624 2013-03-28] ()
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [25280 2010-12-31] (LogMeIn, Inc.)
S3 hidgame; C:\WINDOWS\System32\DRIVERS\hidgame.sys [8576 2003-04-16] (Microsoft Corporation)
R1 HMFAxCore5decdc700443adec5f3e84408e3098ff; C:\WINDOWS\HMFAxCore5decdc700443adec5f3e84408e3098ff.sys [96328 2014-03-31] (Eltima Software)
R1 incdrm; C:\WINDOWS\System32\drivers\InCDRm.sys [40360 2008-02-28] (Nero AG)
S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [145280 2012-03-02] (ITE )
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25416 2009-08-10] ()
R3 LUsbFilt; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [53208 2014-05-12] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 msloop; C:\WINDOWS\System32\DRIVERS\loop.sys [4992 2003-04-16] (Microsoft Corporation)
S3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-18] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2010-07-16] (CACE Technologies, Inc.)
S2 nvcap; C:\WINDOWS\System32\DRIVERS\nvcap.sys [116924 2002-11-18] (NVIDIA Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [66688 2009-07-01] (NVIDIA Corporation)
R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [164896 2009-06-30] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [13824 2009-07-01] (NVIDIA Corporation)
S2 NVXBAR; C:\WINDOWS\System32\DRIVERS\NVxbar.sys [10814 2002-11-18] (NVIDIA Corporation)
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [46592 2008-04-14] (Microsoft Corporation)
R1 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH)
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2003-12-05] (Padus, Inc.)
R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [113608 2013-04-15] (Power Software Ltd)
S3 SE1008mdm; C:\WINDOWS\System32\DRIVERS\SE1008mdm.sys [58536 2009-02-12] (Sony Ericsson)
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [466008 2013-07-31] (Duplex Secure Ltd.)
S3 tap0901_2gm; C:\WINDOWS\System32\DRIVERS\tap0901_2gm.sys [30720 2007-06-21] (The OpenVPN Project)
S3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc)
R2 thdudf; C:\WINDOWS\System32\DRIVERS\thdudf.sys [66944 2006-11-11] (TOSHIBA Corporation)
R0 TPkd; C:\WINDOWS\system32\Drivers\TPkd.sys [93336 2012-11-17] (PACE Anti-Piracy, Inc.)
S3 catchme; \??\C:\DOCUME~1\dharma\LOCALS~1\Temp\catchme.sys [X]
S3 OSFMount; \??\C:\Program Files\OSFMount\OSFMount.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [225856 2008-06-20] (Microsoft Corporation)
S3 vdrive; system32\DRIVERS\vdrive.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-25 21:14 - 2014-07-25 21:15 - 00019422 _____ () C:\Documents and Settings\dharma\Plocha\FRST.txt
2014-07-25 21:14 - 2014-07-25 21:14 - 00000832 _____ () C:\Documents and Settings\dharma\Plocha\bfu.txt
2014-07-25 21:12 - 2014-07-25 21:12 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\dharma\Plocha\FRSTLauncher.exe
2014-07-25 21:11 - 2014-07-25 21:11 - 01084416 _____ (Farbar) C:\Documents and Settings\dharma\Plocha\FRST.exe
2014-07-23 22:12 - 2014-07-23 22:12 - 00014720 _____ () C:\Documents and Settings\dharma\Plocha\Grafika1.cdr
2014-07-17 17:00 - 2014-07-21 20:12 - 00000000 ____D () C:\Documents and Settings\dharma\Plocha\sandrik
2014-07-12 19:33 - 2014-07-21 20:12 - 00000000 ____D () C:\Documents and Settings\dharma\Plocha\kat
2014-07-11 13:26 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-09 12:57 - 2014-07-23 19:16 - 00007814 _____ () C:\WINDOWS\setupapi.log
2014-07-08 15:40 - 2014-07-11 10:29 - 00000000 _____ () C:\Documents and Settings\dharma\ntuser.tmp
2014-07-02 19:50 - 2014-07-02 19:50 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
2014-07-02 19:47 - 2014-07-02 19:47 - 00001919 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe FormsCentral.lnk
2014-07-02 19:47 - 2014-07-02 19:47 - 00001855 _____ () C:\Documents and Settings\All Users\Plocha\Adobe FormsCentral.lnk
2014-07-02 19:47 - 2014-07-02 19:47 - 00001808 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Acrobat XI Pro.lnk
2014-07-02 19:47 - 2014-07-02 19:47 - 00001758 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Acrobat Distiller XI.lnk
2014-07-02 19:47 - 2014-07-02 19:47 - 00001741 _____ () C:\Documents and Settings\All Users\Plocha\Adobe Acrobat XI Pro.lnk
2014-07-02 17:46 - 2014-07-02 18:02 - 00000000 ____D () C:\Documents and Settings\dharma\Adobe Acrobat XI Pro
2014-07-02 17:38 - 2014-07-02 17:38 - 00000000 ____D () C:\Documents and Settings\dharma\Data aplikací\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-07-02 17:37 - 2014-07-02 17:37 - 00000796 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Download Assistant.lnk
2014-07-02 17:37 - 2014-07-02 17:37 - 00000790 _____ () C:\Documents and Settings\All Users\Plocha\Adobe Download Assistant.lnk
2014-07-02 17:37 - 2014-07-02 17:37 - 00000000 ____D () C:\Program Files\Adobe Download Assistant
2014-07-02 17:37 - 2014-07-02 17:37 - 00000000 ____D () C:\Documents and Settings\Default User\Data aplikací\Macromedia
2014-07-02 17:36 - 2014-07-02 17:36 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-07-02 16:54 - 2014-07-02 16:54 - 00000000 ____D () C:\Documents and Settings\dharma\Data aplikací\LibreOffice
2014-07-02 16:45 - 2014-07-02 16:46 - 00000000 ___SD () C:\Documents and Settings\All Users\Nabídka Start\Programy\LibreOffice 4.2
2014-07-02 16:45 - 2014-07-02 16:45 - 00000831 _____ () C:\Documents and Settings\All Users\Plocha\LibreOffice 4.2.lnk
2014-07-02 16:36 - 2014-07-02 16:44 - 00000000 ____D () C:\Program Files\LibreOffice 4
2014-07-01 22:19 - 2014-07-01 22:19 - 00000000 ____D () C:\Documents and Settings\dharma\Data aplikací\AVAST Software
2014-07-01 22:18 - 2014-07-01 22:18 - 00001733 _____ () C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2014-07-01 22:18 - 2014-07-01 22:18 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2014-07-01 22:18 - 2014-07-01 22:18 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
2014-07-01 22:17 - 2014-07-25 20:55 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-07-01 22:15 - 2014-07-07 18:48 - 00414520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-01 22:15 - 2014-07-01 22:14 - 00779536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-07-01 22:15 - 2014-07-01 22:14 - 00192352 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-01 22:15 - 2014-07-01 22:14 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-01 22:15 - 2014-07-01 22:14 - 00057800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-07-01 22:15 - 2014-07-01 22:14 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-01 22:14 - 2014-07-01 22:14 - 00276432 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-01 22:14 - 2014-07-01 22:14 - 00055112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-07-01 22:14 - 2014-07-01 22:14 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-01 22:14 - 2014-07-01 22:14 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-01 22:11 - 2014-07-01 22:11 - 00000000 ____D () C:\Program Files\AVAST Software
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-25 21:15 - 2014-07-25 21:14 - 00019422 _____ () C:\Documents and Settings\dharma\Plocha\FRST.txt
2014-07-25 21:15 - 2014-03-11 00:31 - 00000000 ____D () C:\Documents and Settings\dharma\Local Settings\temp
2014-07-25 21:14 - 2014-07-25 21:14 - 00000832 _____ () C:\Documents and Settings\dharma\Plocha\bfu.txt
2014-07-25 21:14 - 2014-04-18 13:12 - 00000000 ____D () C:\FRST
2014-07-25 21:14 - 2009-02-15 20:19 - 00000000 ___HD () C:\Documents and Settings\dharma\Local Settings\Data aplikací
2014-07-25 21:14 - 2009-02-15 20:19 - 00000000 ____D () C:\Documents and Settings\dharma\Plocha
2014-07-25 21:13 - 2009-09-02 09:37 - 00000000 ____D () C:\Documents and Settings\dharma\Dokumenty\Stažené soubory
2014-07-25 21:12 - 2014-07-25 21:12 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\dharma\Plocha\FRSTLauncher.exe
2014-07-25 21:11 - 2014-07-25 21:11 - 01084416 _____ (Farbar) C:\Documents and Settings\dharma\Plocha\FRST.exe
2014-07-25 20:55 - 2014-07-01 22:17 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-07-25 20:55 - 2014-05-10 01:47 - 00417278 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-25 20:54 - 2011-03-23 18:09 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-25 20:54 - 2011-03-23 18:09 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-07-25 20:54 - 2009-02-15 20:09 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-25 20:54 - 2003-04-16 14:00 - 00012598 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-25 20:52 - 2009-02-15 20:19 - 00000272 ___SH () C:\Documents and Settings\dharma\ntuser.ini
2014-07-25 20:52 - 2009-02-15 20:14 - 00032504 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-25 20:39 - 2010-12-30 12:37 - 00000682 _____ () C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2014-07-25 20:38 - 2009-08-06 00:17 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-23 22:12 - 2014-07-23 22:12 - 00014720 _____ () C:\Documents and Settings\dharma\Plocha\Grafika1.cdr
2014-07-23 20:07 - 2014-05-16 18:18 - 00000000 ____D () C:\Documents and Settings\dharma\Plocha\web 2
2014-07-23 19:16 - 2014-07-09 12:57 - 00007814 _____ () C:\WINDOWS\setupapi.log
2014-07-23 19:16 - 2009-02-15 20:41 - 00000000 ____D () C:\WINDOWS\system32\ias
2014-07-22 18:21 - 2009-02-17 17:33 - 00000078 _____ () C:\WINDOWS\WatsonsBlockGame.ini
2014-07-21 20:12 - 2014-07-17 17:00 - 00000000 ____D () C:\Documents and Settings\dharma\Plocha\sandrik
2014-07-21 20:12 - 2014-07-12 19:33 - 00000000 ____D () C:\Documents and Settings\dharma\Plocha\kat
2014-07-20 17:01 - 2009-03-08 11:34 - 00009088 _____ () C:\WINDOWS\system32\rundll32.exe.Z-missing.txt
2014-07-19 21:25 - 2012-02-13 13:17 - 00000000 ____D () C:\Documents and Settings\dharma\Data aplikací\uTorrent
2014-07-18 11:59 - 2014-05-11 02:09 - 00071168 _____ () C:\Documents and Settings\dharma\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-11 13:15 - 2009-02-15 20:47 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-07-11 13:15 - 2009-02-15 20:47 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-07-11 10:29 - 2014-07-08 15:40 - 00000000 _____ () C:\Documents and Settings\dharma\ntuser.tmp
2014-07-11 10:29 - 2009-02-15 20:19 - 00000000 ____D () C:\Documents and Settings\dharma
2014-07-10 15:34 - 2014-03-31 15:18 - 00000371 ___SH () C:\WINDOWS\hlistHMFAxCore5decdc700443adec5f3e84408e3098ff
2014-07-10 15:34 - 2009-03-03 08:03 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\TEMP
2014-07-10 15:33 - 2014-03-31 15:18 - 00000126 ___SH () C:\WINDOWS\wlistHMFAxCore5decdc700443adec5f3e84408e3098ff
2014-07-10 07:07 - 2013-06-21 14:16 - 00000081 _____ () C:\out.txt
2014-07-08 07:59 - 2010-12-30 12:37 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2014-07-08 07:59 - 2009-08-05 17:28 - 00000000 ____D () C:\Documents and Settings\dharma\Nabídka Start\Programy\CCleaner
2014-07-08 07:29 - 2014-05-31 21:47 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-07-07 18:48 - 2014-07-01 22:15 - 00414520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-03 14:53 - 2010-01-09 20:16 - 00000000 ____D () C:\Documents and Settings\dharma\Local Settings\Data aplikací\Adobe
2014-07-02 20:08 - 2011-03-22 20:45 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Adobe
2014-07-02 19:50 - 2014-07-02 19:50 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
2014-07-02 19:50 - 2009-02-17 22:37 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-07-02 19:50 - 2009-02-15 20:47 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-07-02 19:47 - 2014-07-02 19:47 - 00001919 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe FormsCentral.lnk
2014-07-02 19:47 - 2014-07-02 19:47 - 00001855 _____ () C:\Documents and Settings\All Users\Plocha\Adobe FormsCentral.lnk
2014-07-02 19:47 - 2014-07-02 19:47 - 00001808 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Acrobat XI Pro.lnk
2014-07-02 19:47 - 2014-07-02 19:47 - 00001758 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Acrobat Distiller XI.lnk
2014-07-02 19:47 - 2014-07-02 19:47 - 00001741 _____ () C:\Documents and Settings\All Users\Plocha\Adobe Acrobat XI Pro.lnk
2014-07-02 18:56 - 2010-01-19 16:22 - 00000000 ____D () C:\Program Files\Adobe
2014-07-02 18:02 - 2014-07-02 17:46 - 00000000 ____D () C:\Documents and Settings\dharma\Adobe Acrobat XI Pro
2014-07-02 17:44 - 2010-01-10 16:22 - 00353200 ____H () C:\WINDOWS\system32\mlfcache.dat
2014-07-02 17:38 - 2014-07-02 17:38 - 00000000 ____D () C:\Documents and Settings\dharma\Data aplikací\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-07-02 17:38 - 2009-02-15 20:19 - 00000000 ___RD () C:\Documents and Settings\dharma\Data aplikací
2014-07-02 17:37 - 2014-07-02 17:37 - 00000796 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Download Assistant.lnk
2014-07-02 17:37 - 2014-07-02 17:37 - 00000790 _____ () C:\Documents and Settings\All Users\Plocha\Adobe Download Assistant.lnk
2014-07-02 17:37 - 2014-07-02 17:37 - 00000000 ____D () C:\Program Files\Adobe Download Assistant
2014-07-02 17:37 - 2014-07-02 17:37 - 00000000 ____D () C:\Documents and Settings\Default User\Data aplikací\Macromedia
2014-07-02 17:37 - 2009-02-15 20:47 - 00000000 __RHD () C:\Documents and Settings\Default User\Data aplikací
2014-07-02 17:36 - 2014-07-02 17:36 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-07-02 16:54 - 2014-07-02 16:54 - 00000000 ____D () C:\Documents and Settings\dharma\Data aplikací\LibreOffice
2014-07-02 16:52 - 2009-02-15 20:46 - 03391032 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-02 16:46 - 2014-07-02 16:45 - 00000000 ___SD () C:\Documents and Settings\All Users\Nabídka Start\Programy\LibreOffice 4.2
2014-07-02 16:45 - 2014-07-02 16:45 - 00000831 _____ () C:\Documents and Settings\All Users\Plocha\LibreOffice 4.2.lnk
2014-07-02 16:44 - 2014-07-02 16:36 - 00000000 ____D () C:\Program Files\LibreOffice 4
2014-07-02 16:02 - 2009-02-15 20:19 - 00000000 ___RD () C:\Documents and Settings\dharma\Nabídka Start\Programy
2014-07-02 16:02 - 2009-02-15 20:19 - 00000000 ___RD () C:\Documents and Settings\dharma\Nabídka Start
2014-07-02 16:00 - 2009-02-15 20:47 - 00000000 ___HD () C:\Documents and Settings\All Users\Šablony
2014-07-02 05:51 - 2010-06-26 12:09 - 00000000 ____D () C:\Documents and Settings\dharma\Local Settings\Data aplikací\Temp
2014-07-01 22:19 - 2014-07-01 22:19 - 00000000 ____D () C:\Documents and Settings\dharma\Data aplikací\AVAST Software
2014-07-01 22:18 - 2014-07-01 22:18 - 00001733 _____ () C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2014-07-01 22:18 - 2014-07-01 22:18 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2014-07-01 22:18 - 2014-07-01 22:18 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
2014-07-01 22:16 - 2014-05-04 19:01 - 00000000 ____D () C:\Program Files\Google
2014-07-01 22:14 - 2014-07-01 22:15 - 00779536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-07-01 22:14 - 2014-07-01 22:15 - 00192352 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-01 22:14 - 2014-07-01 22:15 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-01 22:14 - 2014-07-01 22:15 - 00057800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-07-01 22:14 - 2014-07-01 22:15 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-01 22:14 - 2014-07-01 22:14 - 00276432 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-01 22:14 - 2014-07-01 22:14 - 00055112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-07-01 22:14 - 2014-07-01 22:14 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-01 22:14 - 2014-07-01 22:14 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-01 22:11 - 2014-07-01 22:11 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-01 22:11 - 2014-03-06 11:24 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\AVAST Software
Some content of TEMP:
====================
C:\Documents and Settings\dharma\Local Settings\temp\_unps.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe
[2003-04-16 14:00] - [2008-04-14 09:52] - 1034240 ____N (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1
C:\WINDOWS\system32\winlogon.exe
[2003-04-16 14:00] - [2008-04-14 09:52] - 0507904 _____ (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea
C:\WINDOWS\system32\svchost.exe
[2003-04-16 14:00] - [2008-04-14 09:52] - 0014336 _____ (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93
C:\WINDOWS\system32\services.exe
[2003-04-16 14:00] - [2009-02-09 13:25] - 0111104 _____ (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7
C:\WINDOWS\system32\User32.dll
[2003-04-16 14:00] - [2008-04-14 09:52] - 0578560 _____ (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53
C:\WINDOWS\system32\userinit.exe
[2003-04-16 14:00] - [2008-04-14 09:52] - 0026112 _____ (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys
[2003-04-16 14:00] - [2008-04-14 08:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:37.27 GB) (Free:8.63 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:465.75 GB) (Free:68.58 GB) NTFS
Drive f: (Místní disk) (Fixed) (Total:74.53 GB) (Free:5.66 GB) NTFS
Available physical RAM: 968.46 MB
Total physical RAM: 1791.23 MB
Percentage of memory in use: 45%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 37 GB) (Disk ID: 1CE71CE6)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: 82842864)
Partition 1: (Not Active) - (Size=75 GB) - (Type=42)
Disk: 2 (Size: 466 GB) (Disk ID: F81BF81B)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:264A9BB7
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\dharma\Plocha" je 781 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr
"C:\Documents and Settings\dharma\Data aplikac\Seznam.cz\bin\wszndesktop.exe" -q [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer
"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1
%systemroot%\system32\dumprep 0 -k [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer
C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck
C:\Program Files\Samsung\Kies\Kies.exe /preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
"C:\Program Files\Lexmark 2500 Series\lxddamon.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16 [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxddamon
"C:\Program Files\Lexmark 2500 Series\lxddmon.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXDDCATS
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxddmon.exe
C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
"C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL
"C:\Documents and Settings\dharma\Data aplikac\uTorrent\uTorrent.exe" /MINIMIZED [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
Reim ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
Reim ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
Reim ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Adobe Gamma Loader.lnk
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^EPSON Status Monitor 3 Environment Check 2.lnk
C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Logitech SetPoint.lnk
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^dharma^Nabdka Start^Programy^Po sputn^MagicDisc.lnk
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^dharma^Nabdka Start^Programy^Po sputn^Vesmr na dlani.lnk
C:\PROGRA~1\NONOBL~1\vesmir.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
ose REG_DWORD 0x3
Nero BackItUp Scheduler 4.0 REG_DWORD 0x2
Lavasoft Ad-Aware Service REG_DWORD 0x2
Adobe LM Service REG_DWORD 0x3
NeroRegInCDSrv REG_DWORD 0x2
InCDsrvR REG_DWORD 0x2
Adobe Version Cue CS2 REG_DWORD 0x2
gusvc REG_DWORD 0x2
gupdate1c98fa28e326f70 REG_DWORD 0x2
NVSvc REG_DWORD 0x2
Adobe Version Cue CS4 REG_DWORD 0x3
EPSONStatusAgent2 REG_DWORD 0x2
JavaQuickStarterService REG_DWORD 0x2
ForcewareWebInterface REG_DWORD 0x2
idsvc REG_DWORD 0x3
IDriverT REG_DWORD 0x3
lxdd_device REG_DWORD 0x2
nvUpdatusService REG_DWORD 0x2
CyberLink PowerDVD 11.0 Service REG_DWORD 0x2
CyberLink PowerDVD 11.0 Monitor Service REG_DWORD 0x2
CryptSvc REG_DWORD 0x3
CLHNServiceForPowerDVD REG_DWORD 0x2
gupdatem REG_DWORD 0x3
gupdate REG_DWORD 0x2
FsUsbExService REG_DWORD 0x2
PnkBstrA REG_DWORD 0x2
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\CyberLink\\PowerDVD 9\\PowerDVD9.exe"="C:\\Program Files\\CyberLink\\PowerDVD 9\\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0"
"C:\\Program Files\\Lexmark 2500 Series\\app4r.exe"="C:\\Program Files\\Lexmark 2500 Series\\App4R.exe:*:Enabled:BorgListener"
"C:\\Documents and Settings\\dharma\\Dokumenty\\Staen soubory\\detect_routers\\detect_routers.exe"="C:\\Documents and Settings\\dharma\\Dokumenty\\Staen soubory\\detect_routers\\detect_routers.exe:*:Enabled:Detect Multiple Routers"
"C:\\Program Files\\Simple Port Forwarding\\spf.exe"="C:\\Program Files\\Simple Port Forwarding\\spf.exe:*:Enabled:Simple Port Forwarding By PcWinTech.com"
"C:\\Program Files\\Simple Port Tester\\spt.exe"="C:\\Program Files\\Simple Port Tester\\spt.exe:*:Enabled:Simple Port Tester"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Lexmark 2500 Series\\lxddamon.exe"="C:\\Program Files\\Lexmark 2500 Series\\lxddamon.exe:*:Enabled:Device Monitor Appliaction"
"C:\\Program Files\\Lexmark 2500 Series\\App4R.exe"="C:\\Program Files\\Lexmark 2500 Series\\App4R.exe:*:Enabled: "
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Disabled:Winamp"
"F:\\Program Files\\Battlefield 2\\BF2.exe"="F:\\Program Files\\Battlefield 2\\BF2.exe:*:Enabled:BF2"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddpswx.exe"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddpswx.exe:*:Enabled: "
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddtime.exe"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddtime.exe:*:Enabled: "
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"="C:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\WINDOWS\\system32\\muzapp.exe"="C:\\WINDOWS\\system32\\muzapp.exe:*:Enabled:MUZ AOD APP player"
"D:\\Program Files\\World_of_Tanks\\WOTLauncher.exe"="D:\\Program Files\\World_of_Tanks\\WOTLauncher.exe:*:Enabled:World of Tanks Launcher"
"D:\\Program Files\\World_of_Tanks\\WorldOfTanks.exe"="D:\\Program Files\\World_of_Tanks\\WorldOfTanks.exe:*:Enabled:World of Tanks"
"C:\\Program Files\\Simple Port Forwarding\\spf.exe"="C:\\Program Files\\Simple Port Forwarding\\spf.exe:*:Enabled:Simple Port Forwarding By PcWinTech.com"
"C:\\Program Files\\VSO\\VSO Downloader\\3\\VsoDownloader.exe"="C:\\Program Files\\VSO\\VSO Downloader\\3\\VsoDownloader.exe:*:Enabled:VSO Downloader"
"D:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="D:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player 2.0.8"
"D:\\Program Files\\eMule\\emule.exe"="D:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Simple Port Tester\\spt.exe"="C:\\Program Files\\Simple Port Tester\\spt.exe:*:Enabled:Simple Port Tester"
"C:\\Documents and Settings\\dharma\\Data aplikac\\uTorrent\\uTorrent.exe"="C:\\Documents and Settings\\dharma\\Data aplikac\\uTorrent\\uTorrent.exe:*:Enabled:Torrent"
"C:\\Program Files\\Tomabo\\YouTube Video Downloader\\YouTubeVideoDownloader.exe"="C:\\Program Files\\Tomabo\\YouTube Video Downloader\\YouTubeVideoDownloader.exe:*:Enabled:YouTube Video Downloader"
"C:\\Program Files\\LibreOffice 4\\program\\soffice.bin"="C:\\Program Files\\LibreOffice 4\\program\\soffice.bin:*:Enabled:LibreOffice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"
"54321:TCP"="54321:TCP:*:Enabled:uTorrent"
"5400:TCP"="5400:TCP:*:Enabled:ed"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================