VIRY.CZ

Dobrý den.
V mozille když se načítají stránky, tak se ještě načítá něco ze stránek superfish.com. Zkoušel jsem mozillu přeinstalovat. Chvilku to vydrželo a po té opět to samé. V opeře taktéž.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-10-2014 01 (ATTENTION: ====> FRST version is 189 days old and could be outdated)
Ran by Mi (administrator) on TU-85861509E4FC on 15-04-2015 10:19:46
Running from C:\Documents and Settings\Mi\Plocha
Loaded Profiles: Mi & UpdatusUser (Available profiles: Mi & UpdatusUser & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 7
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Emsisoft GmbH) C:\Program Files\Online Armor\OAcat.exe
(Emsisoft GmbH) C:\Program Files\Online Armor\OAsrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Acronis) C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
(Foxit Corporation) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\Documents and Settings\All Users\Data aplikací\Mobile Partner\OnlineUpdate\ouc.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Emsisoft GmbH) C:\Program Files\Online Armor\OAui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Emsisoft GmbH) C:\Program Files\Online Armor\OAhlp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(C. Ghisler & Co.) C:\Program Files\Totalcmd\TOTALCMD.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1634112 2012-05-15] ()
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20065384 2011-12-05] (Realtek Semiconductor Corp.)
HKLM\...\Run: [@OnlineArmor GUI] => C:\Program Files\Online Armor\OAui.exe [7558464 2014-11-19] (Emsisoft GmbH)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-20] (AVAST Software)
HKLM\...\Run: [MobileConnect] => C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2412032 2009-09-18] (Vodafone)
HKU\S-1-5-21-1659004503-1767777339-1801674531-1003\...\MountPoints2: {22d39a3c-08d1-11e4-b0f9-d06df0c67189} - G:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1659004503-1767777339-1801674531-1003\...\MountPoints2: {3997b9b0-9dfb-11e3-b07c-9576fe559177} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1659004503-1767777339-1801674531-1003\...\MountPoints2: {6059c970-daaa-11e4-ad44-fe5c1becb5fa} - H:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1659004503-1767777339-1801674531-1003\...\MountPoints2: {f9eb4152-21e8-11e4-b111-b6941609891f} - E:\setup_vmc_lite.exe /checkApplicationPresence
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.cz
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKCU - {D5F76EB8-2EAD-4FB4-B580-DD75F3FA64D4} URL = http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll No File
BHO: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files\Free Download Manager\iefdm2.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
ShellExecuteHooks: OA Shell Helper - {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Online Armor\oaevent.dll [1033968 2014-11-19] (Emsisoft GmbH)
Tcpip\..\Interfaces\{AD32AA19-9C60-404C-985B-F2ED9D23E41D}: [NameServer] 194.228.211.33 160.218.161.60

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\atj2o5s3.default-1422009022359
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\atj2o5s3.default-1422009022359\Extensions\artur.dubovoy@gmail.com [2015-04-09]
FF Extension: Flashblock - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\atj2o5s3.default-1422009022359\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-01-27]
FF Extension: FlashGot - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\atj2o5s3.default-1422009022359\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2015-01-23]
FF Extension: Flash Block - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\atj2o5s3.default-1422009022359\Extensions\{95ab36d4-fb6f-47b0-8b8d-e5f3bd547953}.xpi [2015-01-27]
FF Extension: Adblock Plus - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\atj2o5s3.default-1422009022359\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-13]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-13]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [411168 2007-06-14] (Acronis)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-13] (AVAST Software)
R2 FoxitCloudUpdateService; C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [650240 2013-03-01] () [File not signed]
R2 OAcat; C:\Program Files\Online Armor\OAcat.exe [584864 2014-11-19] (Emsisoft GmbH)
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [657408 2009-10-27] (Nokia) [File not signed]
R2 SvcOnlineArmor; C:\Program Files\Online Armor\oasrv.exe [4457688 2014-11-19] (Emsisoft GmbH)
R2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-18] (Vodafone) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-08-13] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-08-13] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-08-13] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-08-13] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-11-22] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-08-20] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-08-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-08-13] ()
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
S3 gdrv; C:\WINDOWS\gdrv.sys [16608 2014-12-09] (Windows (R) 2000 DDK provider)
R0 hotcore3; C:\WINDOWS\System32\drivers\hotcore3.sys [38448 2007-03-19] (Paragon Software Group)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [123840 2012-04-18] (NVIDIA Corporation)
R1 OADevice; C:\WINDOWS\system32\drivers\OADriver.sys [210360 2014-10-12] ()
R1 oahlpXX; C:\WINDOWS\system32\drivers\oahlp32.sys [44984 2014-10-12] ()
R1 OAmon; C:\WINDOWS\system32\drivers\OAmon.sys [34856 2014-10-12] (Emsisoft)
R1 OAnet; C:\WINDOWS\system32\drivers\OAnet.sys [31912 2014-11-19] (Emsisoft)
R3 Ser2pl; C:\WINDOWS\System32\DRIVERS\ser2pl.sys [43264 2003-07-16] (Prolific Technology Inc.) [File not signed]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S4 InCDFs; system32\drivers\InCDFs.sys [X]
S1 InCDPass; system32\drivers\InCDPass.sys [X]
S1 InCDRm; system32\drivers\InCDRm.sys [X]
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-15 10:19 - 2015-04-15 10:20 - 00012094 _____ () C:\Documents and Settings\Mi\Plocha\FRST.txt
2015-04-15 10:19 - 2015-04-15 10:19 - 00000000 ____D () C:\FRST
2015-04-12 12:17 - 2015-04-12 12:17 - 00148601 _____ () C:\Documents and Settings\Mi\Dokumenty\Правильная установка сигналов на боковых - Сценарии - Форум ZDSimulator.htm
2015-04-11 13:33 - 2015-04-11 13:33 - 00000000 ____D () C:\Documents and Settings\Mi\Dokumenty\Редактор сценариев - Сценарии - Форум ZDSimulator - Страница 23_soubory
2015-04-11 13:30 - 2015-04-11 13:35 - 00000000 ____D () C:\Documents and Settings\Mi\Dokumenty\Редактор сценариев - Сценарии - Форум ZDSimulator - Страница 26_soubory
2015-04-11 11:13 - 2015-04-11 11:13 - 00000650 _____ () C:\Documents and Settings\Mi\Nabídka Start\Programy\TextPad.lnk
2015-04-11 11:13 - 2015-04-11 11:13 - 00000000 ____D () C:\Documents and Settings\Mi\Data aplikací\Helios
2015-04-11 11:12 - 2015-04-11 11:12 - 00000000 ____D () C:\Program Files\TextPad 7
2015-04-11 11:12 - 2015-04-11 11:12 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\TextPad
2015-04-08 14:18 - 2015-04-08 14:18 - 01962006 _____ () C:\Documents and Settings\Mi\Dokumenty\T76C6img.bmp
2015-04-08 14:16 - 2015-04-08 14:16 - 00655062 _____ () C:\Documents and Settings\Mi\Dokumenty\T76C6trn.bmp
2015-04-07 11:22 - 2015-04-07 11:22 - 00078331 _____ () C:\Documents and Settings\Mi\Dokumenty\nakladni vlak s 2TE10U.htm
2015-04-07 11:22 - 2015-04-07 11:22 - 00000000 ____D () C:\Documents and Settings\Mi\Dokumenty\nakladni vlak s 2TE10U_soubory
2015-04-07 11:06 - 2015-04-07 11:06 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Free Download Manager
2015-04-04 13:27 - 2015-04-04 13:27 - 00000000 ____D () C:\Documents and Settings\Mi\Nabídka Start\Programy\Vodafone
2015-04-04 13:03 - 2015-04-04 13:03 - 00036446 _____ () C:\Documents and Settings\Mi\Dokumenty\Přepnutí modemu K3765 pro routery - Ká for YOU Fórum.htm
2015-04-04 13:03 - 2015-04-04 13:03 - 00000000 ____D () C:\Documents and Settings\Mi\Dokumenty\Přepnutí modemu K3765 pro routery - Ká for YOU Fórum_soubory
2015-04-04 12:21 - 2015-04-04 12:21 - 00000000 ____D () C:\Documents and Settings\Mi\Data aplikací\Vodafone
2015-04-04 12:20 - 2015-04-04 13:27 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Vodafone
2015-04-04 12:20 - 2015-04-04 12:20 - 00001986 _____ () C:\Documents and Settings\All Users\Plocha\Vodafone SMS.lnk
2015-04-04 12:20 - 2015-04-04 12:20 - 00001986 _____ () C:\Documents and Settings\All Users\Plocha\Vodafone Mobile Connect.lnk
2015-04-04 12:20 - 2015-04-04 12:20 - 00000000 ____D () C:\Program Files\Vodafone
2015-04-04 12:20 - 2015-04-04 12:20 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Vodafone
2015-04-04 12:20 - 2015-04-04 12:20 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2015-04-04 11:30 - 2015-04-04 11:30 - 00000000 ____D () C:\Documents and Settings\Mi\Nabídka Start\Programy\Příslušenství
2015-04-04 11:15 - 2015-04-04 11:16 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Mobile Partner
2015-04-04 11:15 - 2015-04-04 11:15 - 00000754 _____ () C:\Documents and Settings\All Users\Plocha\Mobile Partner.lnk
2015-04-04 11:15 - 2015-04-04 11:15 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mobile Partner
2015-04-04 11:14 - 2015-04-04 11:16 - 00000000 ____D () C:\Program Files\Mobile Partner
2015-04-04 11:02 - 2015-04-04 11:02 - 00004111 _____ () C:\WINDOWS\Wdf01007Inst.log
2015-04-04 11:02 - 2015-04-04 11:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWdf01007$
2015-04-04 11:02 - 2015-04-04 11:02 - 00000000 ____H () C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2015-04-04 11:02 - 2015-04-04 11:02 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2015-04-04 11:02 - 2013-03-04 10:31 - 00101248 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcacm.sys
2015-04-04 11:02 - 2013-03-04 10:31 - 00077824 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys
2015-04-04 11:02 - 2013-03-04 10:31 - 00070528 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcecm.sys
2015-04-04 11:02 - 2013-03-04 10:31 - 00027776 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juextctrl.sys
2015-04-04 11:02 - 2013-01-25 03:16 - 00095232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwusbdev.sys
2015-04-04 11:02 - 2012-12-22 03:46 - 00011904 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbenumfilter.sys
2015-04-04 11:02 - 2012-08-20 02:37 - 01112288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdfcoinstaller01007.dll
2015-04-04 11:02 - 2012-08-20 02:37 - 01112288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01007.dll
2015-04-04 11:02 - 2010-10-08 10:55 - 00025856 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys
2015-04-04 11:02 - 2010-09-26 12:09 - 00019200 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwupgrade.sys
2015-04-04 11:02 - 2010-08-06 01:42 - 00861696 _____ (DiBcom SA) C:\WINDOWS\system32\Drivers\mod7700.sys
2015-04-04 11:02 - 2008-03-21 13:57 - 00014640 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2015-04-04 11:02 - 2005-05-13 10:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccid.sys
2015-04-04 10:57 - 2015-04-04 10:57 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Martau
2015-04-04 10:42 - 2015-04-04 10:42 - 00000550 _____ () C:\Documents and Settings\All Users\Plocha\Tesco Mobile.lnk
2015-04-04 10:23 - 2015-04-04 10:46 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\OnlineArmor
2015-04-03 14:29 - 2015-04-12 12:17 - 00000000 ____D () C:\Documents and Settings\Mi\Dokumenty\Правильная установка сигналов на боковых - Сценарии - Форум ZDSimulator_soubory
2015-04-03 14:28 - 2015-04-03 14:28 - 00164671 _____ () C:\Documents and Settings\Mi\Dokumenty\FAQ по редактору сценариев - Сценарии - Форум ZDSimulator.htm
2015-04-03 14:28 - 2015-04-03 14:28 - 00000000 ____D () C:\Documents and Settings\Mi\Dokumenty\FAQ по редактору сценариев - Сценарии - Форум ZDSimulator_soubory
2015-03-28 16:31 - 2001-10-25 14:00 - 00185344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\thawbrkr.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Thawbrkr.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00010752 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_iscii.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_iscii.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00006144 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdinpun.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinpun.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdintel.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdintam.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdinmar.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdinkan.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdinhin.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdinguj.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdindev.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdintel.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdintam.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinmar.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinkan.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinhin.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinguj.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdindev.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005120 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdgeo.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005120 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdarmw.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005120 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdarme.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdgeo.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdarmw.dll
2015-03-28 16:31 - 2001-10-25 14:00 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdarme.dll
2015-03-28 16:30 - 2007-04-02 23:56 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt040d.dll
2015-03-28 16:30 - 2007-04-02 23:56 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0401.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00066594 ____C () C:\WINDOWS\system32\dllcache\c_864.nls
2015-03-28 16:30 - 2001-10-25 14:00 - 00066594 ____C () C:\WINDOWS\system32\dllcache\c_862.nls
2015-03-28 16:30 - 2001-10-25 14:00 - 00066594 ____C () C:\WINDOWS\system32\dllcache\c_720.nls
2015-03-28 16:30 - 2001-10-25 14:00 - 00066594 _____ () C:\WINDOWS\system32\c_864.nls
2015-03-28 16:30 - 2001-10-25 14:00 - 00066594 _____ () C:\WINDOWS\system32\c_862.nls
2015-03-28 16:30 - 2001-10-25 14:00 - 00066594 _____ () C:\WINDOWS\system32\c_720.nls
2015-03-28 16:30 - 2001-10-25 14:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_708.nls
2015-03-28 16:30 - 2001-10-25 14:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_28596.nls
2015-03-28 16:30 - 2001-10-25 14:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_10021.nls
2015-03-28 16:30 - 2001-10-25 14:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_10005.nls
2015-03-28 16:30 - 2001-10-25 14:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_10004.nls
2015-03-28 16:30 - 2001-10-25 14:00 - 00066082 _____ () C:\WINDOWS\system32\c_708.nls
2015-03-28 16:30 - 2001-10-25 14:00 - 00066082 _____ () C:\WINDOWS\system32\C_28596.NLS
2015-03-28 16:30 - 2001-10-25 14:00 - 00066082 _____ () C:\WINDOWS\system32\c_10021.nls
2015-03-28 16:30 - 2001-10-25 14:00 - 00066082 _____ () C:\WINDOWS\system32\c_10005.nls
2015-03-28 16:30 - 2001-10-25 14:00 - 00066082 _____ () C:\WINDOWS\system32\c_10004.nls
2015-03-28 16:30 - 2001-10-25 14:00 - 00006144 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdth3.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00006144 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdth2.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth3.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth2.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftlx041e.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftlx041e.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdvntc.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdurdu.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdth1.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdth0.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdsyr2.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdsyr1.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdheb.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdfa.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbddiv2.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbddiv1.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbda3.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbda2.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbda1.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdvntc.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdusa.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdurdu.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth1.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth0.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdsyr2.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdsyr1.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdheb.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdfa.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbddiv2.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbddiv1.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda3.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda2.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda1.dll
2015-03-28 16:30 - 2001-10-25 14:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdusa.dll
2015-03-28 16:29 - 2001-10-25 14:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_21025.nls
2015-03-28 16:29 - 2001-10-25 14:00 - 00066082 _____ () C:\WINDOWS\system32\c_21025.nls
2015-03-28 15:49 - 2001-10-25 14:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20880.nls
2015-03-28 15:49 - 2001-10-25 14:00 - 00066082 _____ () C:\WINDOWS\system32\c_20880.nls
2015-03-28 15:25 - 2015-03-28 15:25 - 00000000 ____D () C:\Documents and Settings\Mi\Local Settings\Data aplikaci
2015-03-28 13:11 - 2015-03-28 16:28 - 00002378 _____ () C:\WINDOWS\regopt.log
2015-03-18 15:05 - 2015-03-18 15:05 - 00000000 ____D () C:\Documents and Settings\Mi\Local Settings\Data aplikací\Bluestacks

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-15 10:20 - 2012-07-11 13:49 - 00000000 ____D () C:\Documents and Settings\Mi\Local Settings\Temp
2015-04-15 10:19 - 2012-07-11 13:49 - 00000000 ____D () C:\Documents and Settings\Mi\Plocha
2015-04-15 10:08 - 2012-07-12 09:02 - 00005955 _____ () C:\WINDOWS\wincmd.ini
2015-04-15 09:55 - 2014-08-13 12:06 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-04-15 09:40 - 2012-07-11 13:43 - 01738247 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-15 09:39 - 2014-10-13 12:59 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2015-04-15 09:39 - 2014-10-13 12:59 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-04-15 09:39 - 2012-07-11 13:47 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-15 09:39 - 2001-10-25 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-04-14 15:13 - 2012-07-11 13:49 - 00000178 ___SH () C:\Documents and Settings\Mi\ntuser.ini
2015-04-14 15:13 - 2012-07-11 13:47 - 00032566 _____ () C:\WINDOWS\SchedLgU.Txt
2015-04-14 14:32 - 2014-02-16 12:41 - 00000000 ____D () C:\Program Files\maszyna
2015-04-14 12:52 - 2012-07-12 09:55 - 00000000 ____D () C:\Documents and Settings\Mi\Dokumenty\Stažené soubory
2015-04-14 12:46 - 2012-07-13 08:48 - 00000000 ____D () C:\Documents and Settings\Mi\Data aplikací\Free Download Manager
2015-04-14 11:51 - 2012-09-13 12:49 - 00002299 _____ () C:\Documents and Settings\Mi\Nabídka Start\Shape Viewer 2.2.lnk
2015-04-14 09:11 - 2012-07-11 13:49 - 00000000 ___RD () C:\Documents and Settings\Mi\Dokumenty
2015-04-12 15:30 - 2014-12-08 11:41 - 00000000 ____D () C:\Program Files\ZDSimulator
2015-04-12 09:49 - 2013-07-13 10:27 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini
2015-04-11 13:34 - 2015-03-06 12:16 - 00002565 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Word.lnk
2015-04-11 11:13 - 2014-10-10 14:06 - 00000000 ____D () C:\Documents and Settings\Mi\Nabídka Start\Programy
2015-04-11 11:13 - 2012-07-11 13:49 - 00000000 __RHD () C:\Documents and Settings\Mi\Data aplikací
2015-04-11 11:12 - 2012-07-11 15:35 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-04-10 15:14 - 2012-07-11 13:49 - 00000000 ____D () C:\Documents and Settings\Mi
2015-04-10 13:46 - 2014-06-27 10:08 - 00000000 ____D () C:\Documents and Settings\Mi\Local Settings\Data aplikací\Paint.NET
2015-04-10 09:19 - 2012-10-04 22:06 - 00039744 _____ () C:\Documents and Settings\Mi\Data aplikací\GDIPFONTCACHEV1.DAT
2015-04-09 09:59 - 2012-07-12 10:53 - 00000000 _____ () C:\FileOut.Cns
2015-04-09 09:59 - 2012-07-12 10:53 - 00000000 _____ () C:\FileIn.Cns
2015-04-08 10:01 - 2014-10-12 11:45 - 00182408 _____ () C:\WINDOWS\setupapi.log
2015-04-07 11:06 - 2012-07-11 15:35 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-04-04 14:47 - 2015-03-06 12:45 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Nástroje sady Microsoft Office
2015-04-04 14:47 - 2012-09-13 14:07 - 00002575 _____ () C:\Documents and Settings\All Users\Nabídka Start\Otevřít dokument Office.lnk
2015-04-04 14:47 - 2012-09-13 14:07 - 00002551 _____ () C:\Documents and Settings\All Users\Nabídka Start\Nový dokument Office.lnk
2015-04-04 14:47 - 2012-07-11 15:35 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start
2015-04-04 12:20 - 2012-07-11 15:35 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-04-04 11:02 - 2014-10-12 11:59 - 00020112 _____ () C:\WINDOWS\iis6.log
2015-04-04 11:02 - 2014-10-12 11:59 - 00018549 _____ () C:\WINDOWS\FaxSetup.log
2015-04-04 11:02 - 2014-10-12 11:59 - 00010083 _____ () C:\WINDOWS\ocgen.log
2015-04-04 11:02 - 2014-10-12 11:59 - 00008464 _____ () C:\WINDOWS\tsoc.log
2015-04-04 11:02 - 2014-10-12 11:59 - 00006212 _____ () C:\WINDOWS\comsetup.log
2015-04-04 11:02 - 2014-10-12 11:59 - 00005800 _____ () C:\WINDOWS\msmqinst.log
2015-04-04 11:02 - 2014-10-12 11:59 - 00003759 _____ () C:\WINDOWS\ntdtcsetup.log
2015-04-04 11:02 - 2014-10-12 11:59 - 00003249 _____ () C:\WINDOWS\netfxocm.log
2015-04-04 11:02 - 2014-10-12 11:59 - 00001355 _____ () C:\WINDOWS\imsins.log
2015-04-04 11:02 - 2014-10-12 11:59 - 00001275 _____ () C:\WINDOWS\MedCtrOC.log
2015-04-04 11:02 - 2014-10-12 11:59 - 00001158 _____ () C:\WINDOWS\ocmsn.log
2015-04-04 11:02 - 2014-10-12 11:59 - 00000933 _____ () C:\WINDOWS\tabletoc.log
2015-04-04 11:02 - 2014-10-12 11:59 - 00000915 _____ () C:\WINDOWS\msgsocm.log
2015-04-04 11:02 - 2014-10-12 10:42 - 00002470 _____ () C:\WINDOWS\setupact.log
2015-04-04 10:46 - 2012-07-11 14:23 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2015-04-01 11:26 - 2014-12-25 14:00 - 00000000 ____D () C:\f3
2015-04-01 10:26 - 2014-12-07 16:00 - 00000000 ____D () C:\f2
2015-04-01 10:08 - 2012-07-11 14:15 - 00000178 ___SH () C:\Documents and Settings\UpdatusUser\ntuser.ini
2015-04-01 10:04 - 2014-08-01 17:40 - 00000000 ____D () C:\f
2015-03-31 16:00 - 2012-07-11 15:36 - 01277052 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-31 15:38 - 2012-07-11 13:49 - 00000000 ___RD () C:\Documents and Settings\Mi\Dokumenty\Obrázky
2015-03-29 09:41 - 2012-07-11 14:48 - 00039744 _____ () C:\Documents and Settings\Mi\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2015-03-29 09:40 - 2012-07-11 15:35 - 00208896 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-28 16:30 - 2012-07-11 15:30 - 00000000 ____D () C:\WINDOWS\Help
2015-03-28 15:55 - 2001-10-25 14:00 - 00000227 _____ () C:\WINDOWS\system.ini
2015-03-28 15:20 - 2012-09-25 22:47 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikaci
2015-03-19 12:50 - 2015-03-15 14:46 - 00013824 _____ () C:\Documents and Settings\Mi\Dokumenty\121.xls
2015-03-18 15:05 - 2012-07-11 13:49 - 00000000 ___HD () C:\Documents and Settings\Mi\Local Settings\Data aplikací

Some content of TEMP:
====================
C:\Documents and Settings\Mi\Local Settings\Temp\Foxit Reader Updater.exe
C:\Documents and Settings\Mi\Local Settings\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Logfile of random's system information tool 1.10 (written by random/random)
Run by Mi at 2015-04-15 10:52:34
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 7 GB (13%) free of 57 GB
Total RAM: 2047 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:53:16, on 15.4.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Online Armor\OAcat.exe
C:\Program Files\Online Armor\oasrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Documents and Settings\All Users\Data aplikací\Mobile Partner\OnlineUpdate\ouc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Online Armor\OAui.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Online Armor\OAhlp.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Totalcmd\TOTALCMD.EXE
C:\Documents and Settings\Mi\Plocha\FRST.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Mi\Plocha\RSIT.exe
C:\Program Files\trend micro\Mi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.cz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.cz
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (file missing)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Online Armor\OAui.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{AD32AA19-9C60-404C-985B-F2ED9D23E41D}: NameServer = 194.228.211.33 160.218.161.60
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files\Online Armor\OAcat.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Online Armor\oasrv.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe

--
End of file - 6975 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\atj2o5s3.default-1422009022359

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.287 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll


C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\atj2o5s3.default-1422009022359\extensions\
artur.dubovoy@gmail.com
{3d7eb24f-2740-49df-8937-200b1cc08f8a}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files\Free Download Manager\iefdm2.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-05-15 15504192]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-05-15 1634112]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-12-05 20065384]
"@OnlineArmor GUI"=C:\Program Files\Online Armor\OAui.exe [2014-11-19 7558464]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-20 4085896]
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-09-18 2412032]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.exe.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"clr_optimization_v4.0.30319_32"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-08 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"=C:\PROGRA~1\ONLINE~2\oaevent.dll [2014-11-19 1033968]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\UBISOFT\Ghost Recon Advanced Warfighter 2 Demo SP\graw2.exe"="C:\Program Files\UBISOFT\Ghost Recon Advanced Warfighter 2 Demo SP\graw2.exe:*:Enabled:Ghost Recon Advanced Warfighter® 2 Demo SP"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll

======List of files/folders created in the last 1 month======

2015-04-15 10:52:34 ----D---- C:\rsit
2015-04-15 10:19:41 ----D---- C:\FRST
2015-04-11 11:13:19 ----D---- C:\Documents and Settings\Mi\Data aplikací\Helios
2015-04-11 11:12:42 ----D---- C:\Program Files\TextPad 7
2015-04-07 11:06:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Free Download Manager
2015-04-04 12:21:36 ----D---- C:\Documents and Settings\Mi\Data aplikací\Vodafone
2015-04-04 12:20:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Vodafone
2015-04-04 12:20:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2015-04-04 12:20:15 ----D---- C:\Program Files\Vodafone
2015-04-04 12:13:23 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2015-04-04 11:15:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mobile Partner
2015-04-04 11:14:18 ----D---- C:\Program Files\Mobile Partner
2015-04-04 11:02:40 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2015-04-04 11:02:34 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\WdfCoInstaller01007.dll
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\usbccid.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\mod7700.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\ewdcsc.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\ew_usbenumfilter.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\ew_juextctrl.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\ew_jucdcecm.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\ew_jucdcacm.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\ew_jubusenum.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\ew_hwupgrade.sys
2015-04-04 10:57:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Martau
2015-04-04 10:48:02 ----A---- C:\WINDOWS\ModemLog_Vodafone Mobile Broadband Modem (Huawei) #3.txt
2015-04-04 10:23:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\OnlineArmor
2015-04-04 10:23:35 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2015-03-28 16:31:04 ----A---- C:\WINDOWS\system32\Thawbrkr.dll
2015-03-28 16:31:03 ----RA---- C:\WINDOWS\system32\kbdgeo.dll
2015-03-28 16:31:03 ----RA---- C:\WINDOWS\system32\kbdarmw.dll
2015-03-28 16:31:03 ----RA---- C:\WINDOWS\system32\kbdarme.dll
2015-03-28 16:31:01 ----RA---- C:\WINDOWS\system32\kbdintel.dll
2015-03-28 16:31:01 ----RA---- C:\WINDOWS\system32\kbdintam.dll
2015-03-28 16:31:01 ----RA---- C:\WINDOWS\system32\kbdinpun.dll
2015-03-28 16:31:01 ----RA---- C:\WINDOWS\system32\kbdinmar.dll
2015-03-28 16:31:01 ----RA---- C:\WINDOWS\system32\kbdinkan.dll
2015-03-28 16:31:01 ----RA---- C:\WINDOWS\system32\kbdinhin.dll
2015-03-28 16:31:01 ----RA---- C:\WINDOWS\system32\kbdinguj.dll
2015-03-28 16:31:00 ----RA---- C:\WINDOWS\system32\kbdindev.dll
2015-03-28 16:31:00 ----A---- C:\WINDOWS\system32\c_iscii.dll
2015-03-28 16:30:59 ----RA---- C:\WINDOWS\system32\kbdvntc.dll
2015-03-28 16:30:55 ----RA---- C:\WINDOWS\system32\kbdsyr2.dll
2015-03-28 16:30:54 ----RA---- C:\WINDOWS\system32\kbdsyr1.dll
2015-03-28 16:30:54 ----RA---- C:\WINDOWS\system32\kbddiv2.dll
2015-03-28 16:30:54 ----RA---- C:\WINDOWS\system32\kbddiv1.dll
2015-03-28 16:30:53 ----RA---- C:\WINDOWS\system32\kbdurdu.dll
2015-03-28 16:30:53 ----RA---- C:\WINDOWS\system32\kbdfa.dll
2015-03-28 16:30:53 ----RA---- C:\WINDOWS\system32\kbda3.dll
2015-03-28 16:30:53 ----RA---- C:\WINDOWS\system32\kbda2.dll
2015-03-28 16:30:53 ----RA---- C:\WINDOWS\system32\kbda1.dll
2015-03-28 16:30:53 ----A---- C:\WINDOWS\system32\kbdusa.dll
2015-03-28 16:30:44 ----RA---- C:\WINDOWS\system32\kbdheb.dll
2015-03-28 16:30:30 ----RA---- C:\WINDOWS\system32\kbdth3.dll
2015-03-28 16:30:29 ----RA---- C:\WINDOWS\system32\kbdth2.dll
2015-03-28 16:30:29 ----RA---- C:\WINDOWS\system32\kbdth1.dll
2015-03-28 16:30:29 ----RA---- C:\WINDOWS\system32\kbdth0.dll
2015-03-28 16:30:28 ----A---- C:\WINDOWS\system32\ftlx041e.dll

======List of files/folders modified in the last 1 month======

2015-04-15 10:53:15 ----D---- C:\Program Files\trend micro
2015-04-15 10:53:00 ----A---- C:\WINDOWS\ModemLog_NOKIA_5140i GPRS Modem.txt
2015-04-15 10:21:01 ----D---- C:\WINDOWS
2015-04-15 10:19:50 ----D---- C:\WINDOWS\system32\CatRoot2
2015-04-15 10:18:39 ----D---- C:\WINDOWS\Prefetch
2015-04-15 10:08:05 ----A---- C:\WINDOWS\wincmd.ini
2015-04-15 09:40:00 ----D---- C:\WINDOWS\Temp
2015-04-14 15:13:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-04-14 14:32:52 ----D---- C:\Program Files\maszyna
2015-04-14 12:46:54 ----D---- C:\Documents and Settings\Mi\Data aplikací\Free Download Manager
2015-04-14 10:15:01 ----D---- C:\Downloads
2015-04-12 15:30:49 ----AD---- C:\Program Files\ZDSimulator
2015-04-12 09:49:22 ----A---- C:\WINDOWS\NeroDigital.ini
2015-04-11 11:55:40 ----SHD---- C:\WINDOWS\Installer
2015-04-11 11:12:42 ----RD---- C:\Program Files
2015-04-04 13:06:13 ----A---- C:\WINDOWS\ModemLog_Vodafone Mobile Broadband Modem (Huawei).txt
2015-04-04 12:45:59 ----SD---- C:\Documents and Settings\Mi\Data aplikací\Microsoft
2015-04-04 12:20:20 ----D---- C:\WINDOWS\WinSxS
2015-04-04 11:06:10 ----HD---- C:\WINDOWS\inf
2015-04-04 11:02:49 ----D---- C:\WINDOWS\system32\drivers
2015-04-04 11:02:40 ----D---- C:\WINDOWS\system32
2015-04-04 10:47:32 ----A---- C:\WINDOWS\ModemLog_Nokia 3220 Cable.txt
2015-04-04 10:46:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2015-04-04 10:24:36 ----SD---- C:\WINDOWS\system32\Microsoft
2015-04-02 13:23:55 ----A---- C:\WINDOWS\ModemLog_Vodafone Mobile Broadband Modem (Huawei) #2.txt
2015-04-01 11:26:07 ----D---- C:\f3
2015-04-01 10:26:31 ----D---- C:\f2
2015-04-01 10:04:40 ----D---- C:\f
2015-03-31 16:00:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-28 16:31:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
2015-03-28 16:31:03 ----RSD---- C:\WINDOWS\Fonts
2015-03-28 16:30:15 ----D---- C:\WINDOWS\Help
2015-03-28 15:55:01 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-08-13 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-08-13 192352]
R0 hotcore3;hotcore3; C:\WINDOWS\system32\drivers\hotcore3.sys [2007-03-19 38448]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-08-13 55112]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-11-22 779536]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-08-20 414520]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-08-13 57800]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 OADevice;OADriver; \??\C:\WINDOWS\system32\drivers\OADriver.sys []
R1 oahlpXX;Online Armor helper driver; \??\C:\WINDOWS\system32\drivers\oahlp32.sys []
R1 OAmon;OAmon; \??\C:\WINDOWS\system32\drivers\OAmon.sys []
R1 OAnet;OAnet; \??\C:\WINDOWS\system32\drivers\OAnet.sys []
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-08-13 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-08-13 67824]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2013-03-04 77824]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2012-01-17 7081064]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-05-15 14014656]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2012-04-18 123840]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 Ser2pl;MAT Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 95232]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2013-01-23 249600]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2013-03-04 199168]
S3 hwusbfake;Huawei DataCard USB Fake; C:\WINDOWS\system32\DRIVERS\ewusbfake.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [2007-06-14 411168]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-13 50344]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-06-17 242216]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-12-18 182696]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-05-15 164160]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 OAcat;Online Armor Helper Service; C:\Program Files\Online Armor\OAcat.exe [2014-11-19 584864]
R2 SvcOnlineArmor;Online Armor; C:\Program Files\Online Armor\oasrv.exe [2014-11-19 4457688]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [2013-03-01 650240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-23 114800]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

ahoj,
doinstaluj novu javu, vycisti PC s ADWCleanerom a CCleanerom

Pročištěno, ale stále stahuje data z superfish.com.
Nebude vadit, když novou javu naistaluji až příští měsíc? Já jsem připojen přes mobilní net (nemám jinou možnost ), abych se do konece měsíce vešel do fupu a nemusel dokupovat data.

# AdwCleaner v4.201 - Logfile created 15/04/2015 at 12:28:52
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Mi - TU-85861509E4FC
# Running from : C:\Documents and Settings\Mi\Plocha\adwcleaner_4.201.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion

***** [ Web browsers ] *****

-\\ Internet Explorer v7.0.5730.13


-\\ Mozilla Firefox v35.0 (x86 cs)


*************************

AdwCleaner[R0].txt - [3281 bytes] - [11/10/2014 11:55:40]
AdwCleaner[R1].txt - [1202 bytes] - [15/04/2015 12:26:33]
AdwCleaner[S0].txt - [2694 bytes] - [11/10/2014 11:58:32]
AdwCleaner[S1].txt - [1135 bytes] - [15/04/2015 12:28:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1194 bytes] ##########

mLogfile of random's system information tool 1.10 (written by random/random)
Run by Mi at 2015-04-15 12:51:22
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 8 GB (13%) free of 57 GB
Total RAM: 2047 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:51:54, on 15.4.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Online Armor\OAcat.exe
C:\Program Files\Online Armor\oasrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Documents and Settings\All Users\Data aplikací\Mobile Partner\OnlineUpdate\ouc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Online Armor\OAui.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Online Armor\OAhlp.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Mi\Plocha\RSIT.exe
C:\Program Files\trend micro\Mi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.cz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.cz
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O2 - BHO: (no name) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Online Armor\OAui.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{AD32AA19-9C60-404C-985B-F2ED9D23E41D}: NameServer = 194.228.211.33 160.218.161.60
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files\Online Armor\OAcat.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Online Armor\oasrv.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe

--
End of file - 6568 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\atj2o5s3.default-1422009022359

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.287 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll


C:\Documents and Settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\atj2o5s3.default-1422009022359\extensions\
artur.dubovoy@gmail.com
{3d7eb24f-2740-49df-8937-200b1cc08f8a}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-05-15 15504192]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-05-15 1634112]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-12-05 20065384]
"@OnlineArmor GUI"=C:\Program Files\Online Armor\OAui.exe [2014-11-19 7558464]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-20 4085896]
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-09-18 2412032]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.exe.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"clr_optimization_v4.0.30319_32"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-08 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"=C:\PROGRA~1\ONLINE~2\oaevent.dll [2014-11-19 1033968]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\UBISOFT\Ghost Recon Advanced Warfighter 2 Demo SP\graw2.exe"="C:\Program Files\UBISOFT\Ghost Recon Advanced Warfighter 2 Demo SP\graw2.exe:*:Enabled:Ghost Recon Advanced Warfighter® 2 Demo SP"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll

======List of files/folders created in the last 1 month======

2015-04-15 10:52:34 ----D---- C:\rsit
2015-04-15 10:19:41 ----D---- C:\FRST
2015-04-11 11:13:19 ----D---- C:\Documents and Settings\Mi\Data aplikací\Helios
2015-04-11 11:12:42 ----D---- C:\Program Files\TextPad 7
2015-04-07 11:06:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Free Download Manager
2015-04-04 12:21:36 ----D---- C:\Documents and Settings\Mi\Data aplikací\Vodafone
2015-04-04 12:20:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Vodafone
2015-04-04 12:20:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2015-04-04 12:20:15 ----D---- C:\Program Files\Vodafone
2015-04-04 12:13:23 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2015-04-04 11:15:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mobile Partner
2015-04-04 11:14:18 ----D---- C:\Program Files\Mobile Partner
2015-04-04 11:02:40 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2015-04-04 11:02:34 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\WdfCoInstaller01007.dll
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\usbccid.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\mod7700.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\ewdcsc.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\ew_usbenumfilter.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\ew_juextctrl.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\ew_jucdcecm.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\ew_jucdcacm.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\ew_jubusenum.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys
2015-04-04 11:02:21 ----A---- C:\WINDOWS\system32\drivers\ew_hwupgrade.sys
2015-04-04 10:57:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Martau
2015-04-04 10:48:02 ----A---- C:\WINDOWS\ModemLog_Vodafone Mobile Broadband Modem (Huawei) #3.txt
2015-04-04 10:23:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\OnlineArmor
2015-04-04 10:23:35 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2015-03-28 16:31:04 ----A---- C:\WINDOWS\system32\Thawbrkr.dll
2015-03-28 16:31:03 ----RA---- C:\WINDOWS\system32\kbdgeo.dll
2015-03-28 16:31:03 ----RA---- C:\WINDOWS\system32\kbdarmw.dll
2015-03-28 16:31:03 ----RA---- C:\WINDOWS\system32\kbdarme.dll
2015-03-28 16:31:01 ----RA---- C:\WINDOWS\system32\kbdintel.dll
2015-03-28 16:31:01 ----RA---- C:\WINDOWS\system32\kbdintam.dll
2015-03-28 16:31:01 ----RA---- C:\WINDOWS\system32\kbdinpun.dll
2015-03-28 16:31:01 ----RA---- C:\WINDOWS\system32\kbdinmar.dll
2015-03-28 16:31:01 ----RA---- C:\WINDOWS\system32\kbdinkan.dll
2015-03-28 16:31:01 ----RA---- C:\WINDOWS\system32\kbdinhin.dll
2015-03-28 16:31:01 ----RA---- C:\WINDOWS\system32\kbdinguj.dll
2015-03-28 16:31:00 ----RA---- C:\WINDOWS\system32\kbdindev.dll
2015-03-28 16:31:00 ----A---- C:\WINDOWS\system32\c_iscii.dll
2015-03-28 16:30:59 ----RA---- C:\WINDOWS\system32\kbdvntc.dll
2015-03-28 16:30:55 ----RA---- C:\WINDOWS\system32\kbdsyr2.dll
2015-03-28 16:30:54 ----RA---- C:\WINDOWS\system32\kbdsyr1.dll
2015-03-28 16:30:54 ----RA---- C:\WINDOWS\system32\kbddiv2.dll
2015-03-28 16:30:54 ----RA---- C:\WINDOWS\system32\kbddiv1.dll
2015-03-28 16:30:53 ----RA---- C:\WINDOWS\system32\kbdurdu.dll
2015-03-28 16:30:53 ----RA---- C:\WINDOWS\system32\kbdfa.dll
2015-03-28 16:30:53 ----RA---- C:\WINDOWS\system32\kbda3.dll
2015-03-28 16:30:53 ----RA---- C:\WINDOWS\system32\kbda2.dll
2015-03-28 16:30:53 ----RA---- C:\WINDOWS\system32\kbda1.dll
2015-03-28 16:30:53 ----A---- C:\WINDOWS\system32\kbdusa.dll
2015-03-28 16:30:44 ----RA---- C:\WINDOWS\system32\kbdheb.dll
2015-03-28 16:30:30 ----RA---- C:\WINDOWS\system32\kbdth3.dll
2015-03-28 16:30:29 ----RA---- C:\WINDOWS\system32\kbdth2.dll
2015-03-28 16:30:29 ----RA---- C:\WINDOWS\system32\kbdth1.dll
2015-03-28 16:30:29 ----RA---- C:\WINDOWS\system32\kbdth0.dll
2015-03-28 16:30:28 ----A---- C:\WINDOWS\system32\ftlx041e.dll

======List of files/folders modified in the last 1 month======

2015-04-15 12:51:52 ----D---- C:\Program Files\trend micro
2015-04-15 12:49:51 ----A---- C:\WINDOWS\ModemLog_NOKIA_5140i GPRS Modem.txt
2015-04-15 12:48:57 ----D---- C:\Documents and Settings\Mi\Data aplikací\Free Download Manager
2015-04-15 12:47:02 ----D---- C:\WINDOWS\Logs
2015-04-15 12:47:02 ----D---- C:\WINDOWS
2015-04-15 12:47:01 ----D---- C:\WINDOWS\Temp
2015-04-15 12:29:32 ----N---- C:\WINDOWS\SchedLgU.Txt
2015-04-15 12:29:31 ----D---- C:\WINDOWS\system32\CatRoot2
2015-04-15 12:28:57 ----D---- C:\AdwCleaner
2015-04-15 12:28:32 ----A---- C:\WINDOWS\wincmd.ini
2015-04-15 12:24:52 ----D---- C:\Downloads
2015-04-15 12:23:43 ----D---- C:\f3
2015-04-15 10:18:39 ----D---- C:\WINDOWS\Prefetch
2015-04-14 14:32:52 ----D---- C:\Program Files\maszyna
2015-04-12 15:30:49 ----AD---- C:\Program Files\ZDSimulator
2015-04-12 09:49:22 ----A---- C:\WINDOWS\NeroDigital.ini
2015-04-11 11:55:40 ----SHD---- C:\WINDOWS\Installer
2015-04-11 11:12:42 ----RD---- C:\Program Files
2015-04-04 13:06:13 ----A---- C:\WINDOWS\ModemLog_Vodafone Mobile Broadband Modem (Huawei).txt
2015-04-04 12:45:59 ----SD---- C:\Documents and Settings\Mi\Data aplikací\Microsoft
2015-04-04 12:20:20 ----D---- C:\WINDOWS\WinSxS
2015-04-04 11:06:10 ----HD---- C:\WINDOWS\inf
2015-04-04 11:02:49 ----D---- C:\WINDOWS\system32\drivers
2015-04-04 11:02:40 ----D---- C:\WINDOWS\system32
2015-04-04 10:47:32 ----A---- C:\WINDOWS\ModemLog_Nokia 3220 Cable.txt
2015-04-04 10:46:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2015-04-04 10:24:36 ----SD---- C:\WINDOWS\system32\Microsoft
2015-04-02 13:23:55 ----A---- C:\WINDOWS\ModemLog_Vodafone Mobile Broadband Modem (Huawei) #2.txt
2015-04-01 10:26:31 ----D---- C:\f2
2015-04-01 10:04:40 ----D---- C:\f
2015-03-31 16:00:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-28 16:31:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
2015-03-28 16:31:03 ----RSD---- C:\WINDOWS\Fonts
2015-03-28 16:30:15 ----D---- C:\WINDOWS\Help
2015-03-28 15:55:01 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-08-13 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-08-13 192352]
R0 hotcore3;hotcore3; C:\WINDOWS\system32\drivers\hotcore3.sys [2007-03-19 38448]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-08-13 55112]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-11-22 779536]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-08-20 414520]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-08-13 57800]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 OADevice;OADriver; \??\C:\WINDOWS\system32\drivers\OADriver.sys []
R1 oahlpXX;Online Armor helper driver; \??\C:\WINDOWS\system32\drivers\oahlp32.sys []
R1 OAmon;OAmon; \??\C:\WINDOWS\system32\drivers\OAmon.sys []
R1 OAnet;OAnet; \??\C:\WINDOWS\system32\drivers\OAnet.sys []
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-08-13 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-08-13 67824]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2013-03-04 77824]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2012-01-17 7081064]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-05-15 14014656]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2012-04-18 123840]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 Ser2pl;MAT Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 95232]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2013-01-23 249600]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2013-03-04 199168]
S3 hwusbfake;Huawei DataCard USB Fake; C:\WINDOWS\system32\DRIVERS\ewusbfake.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [2007-06-14 411168]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-13 50344]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-06-17 242216]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-12-18 182696]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-05-15 164160]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 OAcat;Online Armor Helper Service; C:\Program Files\Online Armor\OAcat.exe [2014-11-19 584864]
R2 SvcOnlineArmor;Online Armor; C:\Program Files\Online Armor\oasrv.exe [2014-11-19 4457688]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [2013-03-01 650240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-23 114800]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

- doporucujem pouzit zoek http://forum.viry.cz/viewtopic.php?f=13 ... k#p1391319
- cistenie s CCleanerom prebehlo

Ano. Čištění CCleanerom proběhlo. Jinak stále načítá data z superfish.com. Ale stránky začaly mnohem rychleji nabíhat. Jinak prosím pokračování až zítra dnes již nebudu na PC.


Zoek.exe v5.0.0.0 Updated 05-March-2015
Tool run by Mi on st 15.04.2015 at 14:51:20,31.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Documents and Settings\Mi\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

15.4.2015 14:53:49 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Program Files\MSXML 4.0 deleted successfully
C:\DOCUME~1\Mi\NABDKA~1\Programy\Notepad++ deleted successfully
C:\DOCUME~1\Mi\NABDKA~1\Programy\Po spuçtŘnˇ deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1659004503-1767777339-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{D5F76EB8-2EAD-4FB4-B580-DD75F3FA64D4} deleted successfully
HKEY_USERS\S-1-5-21-1659004503-1767777339-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-1659004503-1767777339-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully
HKEY_USERS\S-1-5-21-1659004503-1767777339-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_USERS\S-1-5-21-1659004503-1767777339-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_USERS\S-1-5-21-1659004503-1767777339-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{20a82645-c095-46ed-80e3-08825760534b} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\ComPlus Applications deleted
C:\Program Files\WindowsUpdate deleted
C:\Program Files\Yahoo! deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [05.10.2014 09:54]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[13.08.2014 12:06]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{88DA244E-4CEA-49E4-AD6A-301B65131E25} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SzopaTrackViewer_is1 deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\E442AD88AEC44E94DAA603B15631E152 deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\Mi\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1 folders=2 241 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Mi\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\Mi\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on st 15.04.2015 at 15:21:39,12 ======================

prescanuj PC s MBAM

Ahoj, skús postupovať podľa tohoto návodu + aké máš nainštalované Add-Ons v FF ?
http://rodi.sk/blog/lenovo-adware-super ... modia.html

Keď spustíš FF v Safe Mode, stále je tam problém ?
firefox -safe-mode

Tak se to konečně po čtyřech hodinách oscenovalo.
Já ale v ovládacích panelech přidat odebrat programy nic nemám, ani jsem nic neměl. To samé v mozille tam také žádný certifikát nemám.

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2015.04.16.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Mi :: TU-85861509E4FC [administrátor]

Ochrana: Zakázána

16.4.2015 10:55:18
MBAM-log-2015-04-16 (15-16-21).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 819945
Uplynulý čas: 4 hodin, 16 minut, 20 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 11
C:\AdwCleaner\Quarantine\C\Program Files\SupTab\DpInterface32.dll.vir (PUP.Optional.Skytech.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SupTab\DpInterface64.dll.vir (PUP.Optional.Skytech.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SupTab\RSHP.exe.vir (PUP.Optional.IEPluginService.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SupTab\SearchProtect32.dll.vir (PUP.Optional.Skytech.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SupTab\SearchProtect64.dll.vir (PUP.Optional.Skytech.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SupTab\SupIePluginServiceUpdate.exe.vir (PUP.Optional.IePluginService.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SupTab\SupTab.dll.vir (PUP.Optional.SupTab.A) -> Nebyla provedena žádná instrukce.
D:\Dokumenty\Instal\Instal programy\pack.rar (PUP.Hacktool.Patcher) -> Nebyla provedena žádná instrukce.
D:\Dokumenty\Instal\NOD32\nod32.zip (PUP.RiskWareTool.CK) -> Nebyla provedena žádná instrukce.
D:\Dokumenty\Instal\NOD32\NOD32CZ.ZIP (PUP.RiskWareTool.CK) -> Nebyla provedena žádná instrukce.
D:\RECYCLER\S-1-5-21-329068152-117609710-682003330-1003\Df4.exe (PUP.Hacktool.Patcher) -> Nebyla provedena žádná instrukce.

(konec)

1. vsetko najdene nechaj odstranit v MBAM
2. stiahni a uloz na plochu ComboFix

potom spust pod uctom s administratorskym opravnenim

stiskni klavesu 1 pre pokracovanie a potvrd klavesou Enter:



akcia trva cca. 5-10 minut, niekedy i dlhsie -, Pocas scanu nespustaj ziadne ine aplikacie

Nie je dovod na paniku ak stroj bude restartovany
upozornenie: ak pouzivas antispyware s rezidentnim stitem, ten pred scanom vypni.

po restarte aplikacie vytvori log, ulozeny na C:/Combofix.txt (jeho obsah vloz sem

Skúšal si ten Safe Mode vo Firefoxe ? – alebo dočasne vypni všetky Add-Ons...

Safe mod jsem dosud nezkoušel. Pokračování zítra prosím. Dnes již s PC končím.

ComboFix 15-04-16.01 - Mi 16.04.2015 19:42:53.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1406 [GMT 2:00]
Spuštěný z: c:\documents and settings\Mi\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Online Armor Firewall *Enabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\MW
c:\program files\MW\TGATool2\TGATool2A.exe
c:\program files\MW\TGATool2\unins000.dat
c:\program files\MW\TGATool2\unins000.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-16 do 2015-04-16 )))))))))))))))))))))))))))))))
.
.
2015-04-16 08:14 . 2015-04-16 08:14 -------- d-----w- c:\documents and settings\Mi\Data aplikací\Malwarebytes
2015-04-16 08:13 . 2015-04-16 08:13 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2015-04-16 08:13 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-04-16 07:49 . 2015-04-16 08:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2015-04-15 13:17 . 2015-04-15 12:51 24064 ----a-w- c:\windows\zoek-delete.exe
2015-04-15 12:51 . 2015-04-15 13:11 -------- d-----w- C:\zoek_backup
2015-04-15 08:52 . 2015-04-15 08:53 -------- d-----w- C:\rsit
2015-04-15 08:19 . 2015-04-15 08:21 -------- d-----w- C:\FRST
2015-04-11 09:13 . 2015-04-11 09:13 -------- d-----w- c:\documents and settings\Mi\Data aplikací\Helios
2015-04-11 09:12 . 2015-04-11 09:12 -------- d-----w- c:\program files\TextPad 7
2015-04-07 09:06 . 2015-04-07 09:06 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Free Download Manager
2015-04-04 10:21 . 2015-04-04 10:21 -------- d-----w- c:\documents and settings\Mi\Data aplikací\Vodafone
2015-04-04 10:20 . 2015-04-04 10:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Vodafone
2015-04-04 10:20 . 2015-04-04 10:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\FLEXnet
2015-04-04 10:20 . 2015-04-04 10:20 -------- d-----w- c:\program files\Vodafone
2015-04-04 09:15 . 2015-04-04 09:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Mobile Partner
2015-04-04 09:14 . 2015-04-04 09:16 -------- d-----w- c:\program files\Mobile Partner
2015-04-04 08:57 . 2015-04-04 08:57 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Martau
2015-04-04 08:23 . 2015-04-04 08:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\OnlineArmor
2015-03-28 14:30 . 2001-10-25 12:00 5632 -c--a-w- c:\windows\system32\dllcache\kbdvntc.dll
2015-03-18 13:05 . 2015-03-18 13:05 -------- d-----w- c:\documents and settings\Mi\Local Settings\Data aplikací\Bluestacks
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-23 12:17 . 2012-07-13 09:19 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-01-23 12:17 . 2012-07-13 09:19 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-05-08 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-13 10:06 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-05-15 15504192]
"NvMediaCenter"="NvMCTray.dll" [2012-05-15 108352]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-05-15 1634112]
"RTHDCPL"="RTHDCPL.EXE" [2011-12-05 20065384]
"@OnlineArmor GUI"="c:\program files\Online Armor\OAui.exe" [2014-11-19 7558464]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-20 4085896]
"MobileConnect"="c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2009-09-18 2412032]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\ONLINE~2\oaevent.dll" [2014-11-19 1033968]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.exe.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.exe.lnk
backup=c:\windows\pss\Adobe Gamma Loader.exe.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 08:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2001-07-09 08:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"clr_optimization_v4.0.30319_32"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\UBISOFT\\Ghost Recon Advanced Warfighter 2 Demo SP\\graw2.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [13.8.2014 12:06 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [13.8.2014 12:06 192352]
R0 hotcore3;hotcore3;c:\windows\system32\drivers\hotcore3.sys [1.10.2013 11:43 38448]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [13.8.2014 12:06 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [13.8.2014 12:06 414520]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [13.7.2012 7:49 210360]
R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [13.7.2012 7:49 44984]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [13.7.2012 7:49 34856]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [13.7.2012 7:49 31912]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [13.8.2014 12:06 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [13.8.2014 12:06 67824]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [24.7.2014 11:21 242216]
R2 OAcat;Online Armor Helper Service;c:\program files\Online Armor\OAcat.exe [13.7.2012 7:49 584864]
R2 SvcOnlineArmor;Online Armor;c:\program files\Online Armor\OAsrv.exe [13.7.2012 7:49 4457688]
R2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [18.9.2009 17:48 9216]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [4.4.2015 11:02 77824]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [16.4.2015 10:13 22856]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [16.4.2015 10:13 701512]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC;c:\program files\Mobile Partner\UpdateDog\ouc.exe [4.4.2015 11:14 650240]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [11.7.2012 14:18 1691480]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [3.10.2013 8:45 13896]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [3.10.2013 8:45 9160]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [4.4.2015 11:02 95232]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [25.2.2014 12:34 249600]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys --> c:\windows\system32\DRIVERS\ewusbfake.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2015-04-16 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-13 10:06]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
FF - ProfilePath - c:\documents and settings\Mi\Data aplikací\Mozilla\Firefox\Profiles\atj2o5s3.default-1422009022359\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Nokia PC Suite - c:\documents and settings\All Users\Data aplikací\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_cze_web.exe
AddRemove-TGATool2A_is1 - c:\program files\MW\TGATool2\unins000.exe
AddRemove-{8e70e4e1-06d7-470b-9f74-a51bef21088e} - c:\documents and settings\All Users\Data aplikací\Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-04-16 19:50
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2015-04-16 19:53:09
ComboFix-quarantined-files.txt 2015-04-16 17:53
.
Před spuštěním: 8 288 346 112
Po spuštění: 8 252 010 496
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 0FDDAF77E64A7217D585ACC994633706
413FC2A0C716421B3158746D63736515

Tak jsem vyzkoušel mozillu v safe-modu. Tam to nedělá. Doplňky používám openh264 video codec poskytnutý společností Cisco system, foxit reader pligin for mozilla, java deployment toolkit, java platform, microsoft DRM, skocwave flash, windows media player plug-in dynamic link library, windows presentation foundation, adblock plus, flashblock, flashgot, flash video downloader.
Ještě jsem si všimnul, že stahuje data i z www.best-deals-products.com

doporucujem nainstalovat MSIE8
odinstalovat Mozillu - vycistit PC s CCleanerom - doinstalovat Mozillu

Tak jsem odinstaloval mozillu. To však nemomohlo. Pomohlo až jsem ručně smazal vše co měla mozilla v Dokument and Settings Data aplikací a poté naistaloval mozillu znova se všemi doplňky. Teď to vypadá že je to v pořádku. Log byli tedy čisté. Všechno co zbylo po čištění mohu tedy smazat?

spina bola hlboko zazrata
citat:
•Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
•Oznacte jen moznost "Remove disinfection tools"
•kliknete na Run

a mame fajront