Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
dodohuhu
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 13 lis 2013 13:00

Prosím o kontrolu logu

#1 Příspěvek od dodohuhu »

Prosím o kontrolu logu.
Nevím si rady.
Přílohy
log celek.rar
(929.99 KiB) Staženo 27 x
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119531
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu

#2 Příspěvek od Rudy »

Zdravím!
Zkuste tento postup: http://forum.viry.cz/viewtopic.php?f=24&t=132509 . ESafe není zrovna důvěryhodný antivir.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
dodohuhu
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 13 lis 2013 13:00

Re: Prosím o kontrolu logu

#3 Příspěvek od dodohuhu »

Rudy píše:Zdravím!
Zkuste tento postup: http://forum.viry.cz/viewtopic.php?f=24&t=132509 . ESafe není zrovna důvěryhodný antivir.
NApsalo to toto.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-11-2013
Ran by Uživatel (administrator) on U-ED0AF5758D5B4 on 13-11-2013 20:06:44
Running from C:\Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\JLP0HJ8D
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) C:\Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\JLP0HJ8D\FRST[1].exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [20065896 2012-04-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [mwavscan_autoscan] - C:\Documents and Settings\Uživatel\Local Settings\Temp\mexe.com [2329160 2009-11-06] (MicroWorld Technologies Inc.) <===== ATTENTION
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKCU\...\Run: [Google Update] - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [116648 2012-07-22] (Google Inc.)
HKCU\...\Run: [Adobe Reader Synchronizer] - C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe [1264360 2012-12-18] (Adobe Systems Incorporated)
MountPoints2: {0d2c3377-51a4-11e1-8b3b-1c6f65fcbb03} - H:\Startme.exe
MountPoints2: {fb48bfad-1493-11e3-8751-1c6f65fcbb03} - H:\Startme.exe
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... earchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... earchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 6f65fcbb03
SearchScopes: HKCU - {23b21aa6-cf6e-4ded-85aa-76ebb36e384c} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... rceid=IE_5
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... earchTerms}
SearchScopes: HKCU - {399a1442-7377-49e7-8d77-6dc9ed5968c1} URL = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
SearchScopes: HKCU - {5cf5d387-d87c-4408-9a6b-301b0713d62a} URL = http://www.mapy.cz/?query={searchTerms} ... earch_6826
SearchScopes: HKCU - {76859dfd-b169-4f33-b4cf-9c0f4958995b} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {885E0645-C385-4A93-A193-9FDB0B5A7505} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {9bb0a7ad-06d1-4065-8fd9-8e3e9944e0a9} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {9bd172ba-3f40-4303-bca1-0484b5ba2a7b} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKCU - {eb97f7df-1773-4916-aae6-5af74da8c69d} URL = http://www.firmy.cz/phr/{searchTerms}
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.co ... .5.1.0.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default
FF user.js: detected! => C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\user.js
FF DefaultSearchEngine: qvo6
FF SearchEngineOrder.1: qvo6
FF SelectedSearchEngine: qvo6
FF Homepage: hxxp://www.qvo6.com/?utm_source=b&utm_medium=i ... 1384016045
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin: @ei.FestiveBar_3g.com/Plugin - C:\Program Files\FestiveBar_3gEI\Installr\1.bin\NP3gEISB.dll (FestiveBar)
FF Plugin: @ei.GamingWonderland.com/Plugin - C:\Program Files\GamingWonderlandEI\Installr\1.bin\NPgtEISB.dll (GamingWonderland)
FF Plugin: @ei.Zwinky_5q.com/Plugin - C:\Program Files\Zwinky_5qEI\Installr\1.bin\NP5qEISB.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\qvo6.xml
FF Extension: No Name - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\ffxtlbr@babylon.com
FF Extension: No Name - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\staged
FF Extension: No Name - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\yasearch@yandex.ru
FF Extension: ftdownloader4 - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\ftdownloader4@ftdownloader.com.xpi
FF Extension: gophoto - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\gophoto@gophoto.it.xpi
FF Extension: trtv3 - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\trtv3@trtv.com.xpi
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045

Chrome:
=======
CHR HomePage: hxxp://www.qvo6.com/?utm_source=b&utm_medium=i ... 1384016045
CHR RestoreOnStartup: "urls_to_restore_on_startup": [
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\30.0.1599.101\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Unity Player) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (DNA Plug-in) - C:\Program Files\DNA\plugins\npbtdna.dll No File
CHR Plugin: (FestiveBar Installer Plugin Stub) - C:\Program Files\FestiveBar_3gEI\Installr\1.bin\NP3gEISB.dll (FestiveBar)
CHR Plugin: (GamingWonderland Installer Plugin Stub) - C:\Program Files\GamingWonderlandEI\Installr\1.bin\NPgtEISB.dll (GamingWonderland)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Media Go Detector) - C:\Program Files\Sony\Media Go\npmediago.dll No File
CHR Plugin: (PlayStation(R)Network Downloader Check Plug-in) - C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll No File
CHR Plugin: (Zwinky Installer Plugin Stub) - C:\Program Files\Zwinky_5qEI\Installr\1.bin\NP5qEISB.dll No File
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (FTdownloader V4.0) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\bebnnlollpcjnfpkafhoclljaojgnfok\4.0_0
CHR Extension: (DefaultTab) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0
CHR Extension: (Google Wallet Service) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0
CHR Extension: (GoPhoto.it) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.6_0
CHR HKLM\...\Chrome\Extension: [bebnnlollpcjnfpkafhoclljaojgnfok] - C:\Program Files\FTDownloader.com\FTDownloader10.crx
CHR HKLM\...\Chrome\Extension: [bicnnkjibmphdeigoodpjlcklcnaobdj] - C:\Program Files\TornTV.com\torntv10.crx
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit16.crx
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045

========================== Services (Whitelisted) =================

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2010-02-10] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-08-12] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2013-01-18] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R3 ATIAVAIW; C:\Windows\System32\DRIVERS\atinavt2.sys [170496 2009-02-04] (ATI Technologies Inc.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 2012-01-06] (DT Soft Ltd)
S3 FANTOM; C:\Windows\System32\DRIVERS\fantom.sys [39424 2007-11-09] (National Instruments Corporation)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2009-08-26] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2009-08-26] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2009-08-26] (HP)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S4 IntelIde; No ImagePath
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\Sandra.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-13 20:06 - 2013-11-13 20:06 - 00000000 ____D C:\FRST
2013-11-13 18:46 - 2013-11-13 18:46 - 00952306 _____ C:\Documents and Settings\Uživatel\Plocha\log celek.rar
2013-11-13 18:45 - 2013-11-13 18:45 - 00003203 _____ C:\Documents and Settings\Uživatel\Plocha\log.ddd.rar
2013-11-13 18:33 - 2013-11-13 18:33 - 00003203 _____ C:\Documents and Settings\Uživatel\Plocha\log..rar
2013-11-13 18:20 - 2013-11-13 18:20 - 19742279 _____ C:\Documents and Settings\Uživatel\Plocha\MWAV.LOG
2013-11-13 18:04 - 2013-11-13 18:04 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\POLSKO
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\VDLL.DLL
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\system32\runouce.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\rundll16.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\RUNDL132.EXE
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\logo1_.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\logo_1.exe
2013-11-13 07:41 - 2013-11-13 07:53 - 00000054 _____ C:\WINDOWS\Lic.xxx
2013-11-13 07:41 - 2013-11-13 07:41 - 00632064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr80.dll
2013-11-13 07:41 - 2013-11-13 07:41 - 00554240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp80.dll
2013-11-13 07:41 - 2013-11-13 07:41 - 00034048 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\system32\eEmpty.exe
2013-11-13 07:41 - 2013-11-13 07:41 - 00000000 ____D C:\Program Files\Common Files\MicroWorld
2013-11-13 07:41 - 2013-11-13 07:41 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2013-11-13 07:41 - 2008-04-14 08:52 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\REGEDIT.COM
2013-11-13 07:41 - 2008-04-14 08:52 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\R.COM
2013-11-13 07:41 - 2008-04-14 08:52 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TASKMGR.COM
2013-11-13 07:41 - 2008-04-14 08:52 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\T.COM
2013-11-13 07:41 - 2005-09-22 23:22 - 00000522 _____ C:\WINDOWS\system32\Microsoft.VC80.CRT.manifest
2013-11-13 07:36 - 2013-11-13 07:36 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Simply Super Software
2013-11-12 21:02 - 2013-11-12 21:02 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-12 21:01 - 2013-11-13 00:11 - 00000000 ____D C:\WINDOWS\A358F2F62500420C989C25C4F22DF51E.TMP
2013-11-12 21:01 - 2013-11-12 21:01 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-12 20:48 - 2013-11-13 07:33 - 00000000 ____D C:\Program Files\Trojan Remover
2013-11-12 20:48 - 2013-11-12 20:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
2013-11-10 19:33 - 2013-11-11 10:54 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Torntv 2
2013-11-10 19:32 - 2013-11-11 10:56 - 00000000 ____D C:\Program Files\TornTV.com
2013-11-10 19:32 - 2013-11-10 19:32 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\TornTV.com
2013-11-09 18:05 - 2013-11-09 18:12 - 00000000 ____D C:\Program Files\WinZipper
2013-11-09 18:05 - 2013-11-09 18:07 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\WinZipper
2013-11-09 18:05 - 2013-11-09 18:05 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\iSafe
2013-11-09 17:54 - 2013-11-09 18:05 - 00000000 ____D C:\Program Files\Desk 365
2013-11-09 17:54 - 2013-11-09 18:03 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Desk 365
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Program Files\Gophoto.it
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\FTDownloader.com
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Cool_Mirage
2013-11-09 16:56 - 2013-11-09 16:56 - 00000896 __RSH C:\Documents and Settings\Uživatel\ntuser.pol
2013-11-09 16:56 - 2013-11-09 16:56 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2013-11-09 16:56 - 2013-11-09 16:56 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\DefaultTab
2013-11-04 08:19 - 2013-11-04 08:19 - 00017920 _____ C:\Documents and Settings\Uživatel\Plocha\Export.xls
2013-11-04 08:14 - 2013-11-04 08:14 - 00070001 _____ C:\Documents and Settings\Uživatel\Plocha\Export.htm
2013-11-01 18:29 - 2013-11-13 18:46 - 19742509 _____ C:\Documents and Settings\Uživatel\Plocha\vir.txt
2013-10-30 23:12 - 2013-11-09 17:09 - 00000000 ____D C:\Program Files\Free PDF to Word Converter
2013-10-30 22:53 - 2013-11-09 17:09 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Kastner software
2013-10-30 22:52 - 2013-10-30 22:52 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\KASTNER software
2013-10-30 18:39 - 2013-10-30 19:01 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\neg
2013-10-29 22:40 - 2013-10-29 22:40 - 00015313 _____ C:\Documents and Settings\Uživatel\Dokumenty\reklamacni-list[1].docm
2013-10-27 19:12 - 2013-10-27 19:12 - 00032388 _____ C:\WINDOWS\KB2598845-IE8.log
2013-10-27 19:11 - 2013-11-09 17:12 - 00000000 ____D C:\Program Files\Seznam.cz
2013-10-27 19:11 - 2013-10-27 19:12 - 00041796 _____ C:\WINDOWS\KB982381-IE8.log
2013-10-27 19:10 - 2013-10-27 19:11 - 00000000 __HDC C:\WINDOWS\ie8
2013-10-27 19:06 - 2011-08-16 11:45 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2013-10-27 19:02 - 2013-10-27 19:03 - 00028656 _____ C:\WINDOWS\ie8Uninst.log
2013-10-17 17:37 - 2013-11-13 07:41 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job

==================== One Month Modified Files and Folders =======

2013-11-13 20:06 - 2013-11-13 20:06 - 00000000 ____D C:\FRST
2013-11-13 20:04 - 2012-07-12 13:29 - 00008192 ___SH C:\WINDOWS\Thumbs.db
2013-11-13 19:47 - 2012-07-22 12:12 - 00001038 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1979792683-839522115-1003UA.job
2013-11-13 19:45 - 2012-01-05 15:32 - 01922684 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-13 19:10 - 2012-10-07 10:40 - 00000944 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-13 19:09 - 2013-06-07 17:19 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-13 18:46 - 2013-11-13 18:46 - 00952306 _____ C:\Documents and Settings\Uživatel\Plocha\log celek.rar
2013-11-13 18:46 - 2013-11-01 18:29 - 19742509 _____ C:\Documents and Settings\Uživatel\Plocha\vir.txt
2013-11-13 18:46 - 2012-01-05 15:36 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha
2013-11-13 18:45 - 2013-11-13 18:45 - 00003203 _____ C:\Documents and Settings\Uživatel\Plocha\log.ddd.rar
2013-11-13 18:33 - 2013-11-13 18:33 - 00003203 _____ C:\Documents and Settings\Uživatel\Plocha\log..rar
2013-11-13 18:20 - 2013-11-13 18:20 - 19742279 _____ C:\Documents and Settings\Uživatel\Plocha\MWAV.LOG
2013-11-13 18:04 - 2013-11-13 18:04 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\POLSKO
2013-11-13 13:12 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Oblíbené položky
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\VDLL.DLL
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\system32\runouce.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\rundll16.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\RUNDL132.EXE
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\logo1_.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\logo_1.exe
2013-11-13 07:53 - 2013-11-13 07:41 - 00000054 _____ C:\WINDOWS\Lic.xxx
2013-11-13 07:41 - 2013-11-13 07:41 - 00632064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr80.dll
2013-11-13 07:41 - 2013-11-13 07:41 - 00554240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp80.dll
2013-11-13 07:41 - 2013-11-13 07:41 - 00034048 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\system32\eEmpty.exe
2013-11-13 07:41 - 2013-11-13 07:41 - 00000000 ____D C:\Program Files\Common Files\MicroWorld
2013-11-13 07:41 - 2013-11-13 07:41 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2013-11-13 07:41 - 2013-10-17 17:37 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-11-13 07:41 - 2012-01-05 16:23 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-11-13 07:36 - 2013-11-13 07:36 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Simply Super Software
2013-11-13 07:36 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty
2013-11-13 07:35 - 2012-01-05 16:24 - 01022040 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-13 07:33 - 2013-11-12 20:48 - 00000000 ____D C:\Program Files\Trojan Remover
2013-11-13 07:33 - 2012-01-05 16:23 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-11-13 07:33 - 2012-01-05 16:23 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-11-13 07:33 - 2012-01-05 15:36 - 00000000 __RHD C:\Documents and Settings\Uživatel\Data aplikací
2013-11-13 07:32 - 2004-08-18 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-13 07:31 - 2012-10-07 10:40 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-13 07:31 - 2012-01-05 16:26 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-13 07:31 - 2012-01-05 16:26 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-13 07:31 - 2012-01-05 15:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-13 00:27 - 2012-01-05 15:58 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2013-11-13 00:27 - 2012-01-05 15:36 - 00000178 ___SH C:\Documents and Settings\Uživatel\ntuser.ini
2013-11-13 00:27 - 2012-01-05 15:36 - 00000000 ____D C:\Documents and Settings\Uživatel
2013-11-13 00:27 - 2012-01-05 15:35 - 00032554 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-13 00:11 - 2013-11-12 21:01 - 00000000 ____D C:\WINDOWS\A358F2F62500420C989C25C4F22DF51E.TMP
2013-11-13 00:11 - 2012-07-12 09:52 - 00435806 _____ C:\WINDOWS\setupapi.log
2013-11-13 00:11 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Nabídka Start\Programy
2013-11-12 21:49 - 2012-01-06 17:46 - 00000000 ____D C:\bat2
2013-11-12 21:14 - 2012-01-05 15:36 - 00001599 _____ C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Vzdálená pomoc.lnk
2013-11-12 21:09 - 2012-01-05 15:33 - 00001599 _____ C:\Documents and Settings\Default User\Nabídka Start\Programy\Vzdálená pomoc.lnk
2013-11-12 21:02 - 2013-11-12 21:02 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-12 21:01 - 2013-11-12 21:01 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-12 20:48 - 2013-11-12 20:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
2013-11-12 20:47 - 2012-07-22 12:12 - 00000986 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1979792683-839522115-1003Core.job
2013-11-11 17:00 - 2013-06-27 21:36 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Sony Mobile
2013-11-11 17:00 - 2013-06-27 21:35 - 00000000 ____D C:\Program Files\Sony Mobile
2013-11-11 16:59 - 2013-01-07 17:07 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Sony Ericsson
2013-11-11 16:59 - 2013-01-07 17:06 - 00000000 ____D C:\Program Files\Sony Ericsson
2013-11-11 16:57 - 2012-02-07 17:25 - 00000000 ____D C:\Program Files\Common Files\Sony Shared
2013-11-11 16:56 - 2012-03-05 17:32 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Sony
2013-11-11 16:56 - 2012-02-07 17:23 - 00000000 ____D C:\Program Files\Sony
2013-11-11 10:59 - 2012-05-14 16:55 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Unity
2013-11-11 10:56 - 2013-11-10 19:32 - 00000000 ____D C:\Program Files\TornTV.com
2013-11-11 10:54 - 2013-11-10 19:33 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Torntv 2
2013-11-10 19:53 - 2012-07-24 18:47 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\BitTorrent
2013-11-10 19:35 - 2012-07-24 20:59 - 00000000 ____D C:\toro
2013-11-10 19:35 - 2012-07-24 18:47 - 00000000 ____D C:\Program Files\BitTorrent
2013-11-10 19:33 - 2012-01-05 15:36 - 00000000 ___HD C:\Documents and Settings\Uživatel\Local Settings\Data aplikací
2013-11-10 19:32 - 2013-11-10 19:32 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\TornTV.com
2013-11-09 18:12 - 2013-11-09 18:05 - 00000000 ____D C:\Program Files\WinZipper
2013-11-09 18:11 - 2012-01-05 16:23 - 00000000 __RHD C:\Documents and Settings\Default User\Data aplikací
2013-11-09 18:11 - 2012-01-05 16:23 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start
2013-11-09 18:07 - 2013-11-09 18:05 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\WinZipper
2013-11-09 18:05 - 2013-11-09 18:05 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\iSafe
2013-11-09 18:05 - 2013-11-09 17:54 - 00000000 ____D C:\Program Files\Desk 365
2013-11-09 18:05 - 2011-06-11 00:58 - 00773800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100.dll
2013-11-09 18:05 - 2011-06-11 00:58 - 00421032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp100.dll
2013-11-09 18:03 - 2013-11-09 17:54 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Desk 365
2013-11-09 17:54 - 2012-01-06 10:02 - 00001032 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2013-11-09 17:54 - 2012-01-05 15:36 - 00001105 _____ C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Internet Explorer.lnk
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Program Files\Gophoto.it
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\FTDownloader.com
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Cool_Mirage
2013-11-09 17:12 - 2013-10-27 19:11 - 00000000 ____D C:\Program Files\Seznam.cz
2013-11-09 17:12 - 2013-01-13 18:21 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Sony Corporation
2013-11-09 17:09 - 2013-10-30 23:12 - 00000000 ____D C:\Program Files\Free PDF to Word Converter
2013-11-09 17:09 - 2013-10-30 22:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Kastner software
2013-11-09 16:57 - 2012-01-06 17:14 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
2013-11-09 16:56 - 2013-11-09 16:56 - 00000896 __RSH C:\Documents and Settings\Uživatel\ntuser.pol
2013-11-09 16:56 - 2013-11-09 16:56 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2013-11-09 16:56 - 2013-11-09 16:56 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\DefaultTab
2013-11-08 14:31 - 2012-10-03 18:35 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2013-11-08 14:31 - 2012-10-03 18:35 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Skype
2013-11-04 08:19 - 2013-11-04 08:19 - 00017920 _____ C:\Documents and Settings\Uživatel\Plocha\Export.xls
2013-11-04 08:14 - 2013-11-04 08:14 - 00070001 _____ C:\Documents and Settings\Uživatel\Plocha\Export.htm
2013-10-30 22:52 - 2013-10-30 22:52 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\KASTNER software
2013-10-30 19:01 - 2013-10-30 18:39 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\neg
2013-10-29 22:40 - 2013-10-29 22:40 - 00015313 _____ C:\Documents and Settings\Uživatel\Dokumenty\reklamacni-list[1].docm
2013-10-27 19:26 - 2012-01-07 10:56 - 00014846 _____ C:\WINDOWS\KB2510531-IE8.log
2013-10-27 19:26 - 2012-01-06 09:48 - 00249431 _____ C:\WINDOWS\updspapi.log
2013-10-27 19:26 - 2012-01-05 16:24 - 01557937 _____ C:\WINDOWS\iis6.log
2013-10-27 19:26 - 2012-01-05 16:24 - 01421273 _____ C:\WINDOWS\FaxSetup.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00688569 _____ C:\WINDOWS\ocgen.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00652447 _____ C:\WINDOWS\tsoc.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00487823 _____ C:\WINDOWS\comsetup.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00449134 _____ C:\WINDOWS\msmqinst.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00293261 _____ C:\WINDOWS\ntdtcsetup.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00249388 _____ C:\WINDOWS\netfxocm.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00100201 _____ C:\WINDOWS\MedCtrOC.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00088712 _____ C:\WINDOWS\ocmsn.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00072358 _____ C:\WINDOWS\tabletoc.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00071167 _____ C:\WINDOWS\msgsocm.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00001393 _____ C:\WINDOWS\imsins.log
2013-10-27 19:15 - 2012-01-06 09:50 - 00141449 _____ C:\WINDOWS\spupdsvc.log
2013-10-27 19:15 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty\Obrázky
2013-10-27 19:15 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty\Hudba
2013-10-27 19:14 - 2012-11-03 13:15 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2013-10-27 19:14 - 2012-01-06 10:27 - 00247190 _____ C:\WINDOWS\ie8_main.log
2013-10-27 19:14 - 2012-01-05 16:15 - 00000000 ____D C:\WINDOWS\Help
2013-10-27 19:13 - 2013-10-10 23:22 - 00047334 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-27 19:13 - 2013-08-15 19:09 - 00048719 _____ C:\WINDOWS\KB2862772-IE8.log
2013-10-27 19:13 - 2012-09-22 13:04 - 00053338 _____ C:\WINDOWS\KB2744842-IE8.log
2013-10-27 19:13 - 2012-01-07 11:02 - 00055937 _____ C:\WINDOWS\KB2618444-IE8.log
2013-10-27 19:13 - 2012-01-05 16:24 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-10-27 19:12 - 2013-10-27 19:12 - 00032388 _____ C:\WINDOWS\KB2598845-IE8.log
2013-10-27 19:12 - 2013-10-27 19:11 - 00041796 _____ C:\WINDOWS\KB982381-IE8.log
2013-10-27 19:12 - 2012-01-06 10:13 - 00000000 ___HD C:\WINDOWS\$hf_mig$
2013-10-27 19:11 - 2013-10-27 19:10 - 00000000 __HDC C:\WINDOWS\ie8
2013-10-27 19:11 - 2012-01-06 10:39 - 00099643 _____ C:\WINDOWS\ie8.log
2013-10-27 19:11 - 2012-01-05 16:15 - 00000000 ____D C:\WINDOWS\Media
2013-10-27 19:03 - 2013-10-27 19:02 - 00028656 _____ C:\WINDOWS\ie8Uninst.log
2013-10-27 19:03 - 2012-01-07 10:55 - 00000000 ____D C:\WINDOWS\ie8updates
2013-10-17 17:28 - 2012-01-21 17:14 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty\Filmy
2013-10-17 17:28 - 2012-01-05 15:29 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty\Filmy
2013-10-17 17:27 - 2012-10-28 12:32 - 00001698 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
2013-10-17 17:27 - 2012-10-28 12:32 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-17 17:27 - 2012-01-06 08:40 - 00001912 _____ C:\WINDOWS\epplauncher.mif
2013-10-15 18:25 - 2013-09-08 19:21 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\so
2013-10-15 18:11 - 2012-04-14 17:44 - 00001739 _____ C:\Documents and Settings\All Users\Plocha\Sony PC Companion 2.1.lnk
2013-10-15 18:11 - 2012-01-05 15:53 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-15 18:11 - 2012-01-05 15:51 - 00892728 _____ C:\WINDOWS\DPINST.LOG
2013-10-14 16:59 - 2012-01-05 15:56 - 00000000 ____D C:\WINDOWS\Microsoft.NET

Files to move or delete:
====================
C:\Documents and Settings\Uživatel\Local Settings\Temp\mexe.com


Some content of TEMP:
====================
C:\Documents and Settings\Uživatel\Local Settings\Temp\6_Offer_4.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\AskSLib.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\avguidx.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\avxdisk.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdc.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdcore.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdfltlib.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdfltlib2k.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdupdateservice.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\CommonInstaller.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\DEVCON.EXE
C:\Documents and Settings\Uživatel\Local Settings\Temp\download.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\DownloadManager.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\drm_dyndata_7370014.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\drm_dyndata_7380009.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\drm_dyndata_7410004.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\eEmpty.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\encdec.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\esupdate.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\FSSync.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\Getvlist.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\hpzmsi01.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\hpzscr01.EXE
C:\Documents and Settings\Uživatel\Local Settings\Temp\htmlayout.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ICReinstall_ICReinstall_radarsync[1].exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ICReinstall_pdf2txt_setup15 - CHIP Downloader[1].exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ICReinstall_radarsync[1].exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\iGearedHelper.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ikave.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ipc.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\JFS.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\JSM.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\kave.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\kavvlg.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\KK.EXE
C:\Documents and Settings\Uživatel\Local Settings\Temp\liquid11189354.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\liquid8664609.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\LuckyLeap.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\MachineIdCreator.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\Medal of Honor_uninst.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvclnt.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvcp80.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvcr80.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvl64.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvlclnt.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\MWAVL.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\MWAVReg.EXE
C:\Documents and Settings\Uživatel\Local Settings\Temp\mwunzip.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\prLoader.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ptu12_tmp.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\red32.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\reload.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\scan.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ScanningProcess.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\setpriv.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\SHSetup.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\test2.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\toolbar9284421.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ToolbarInstaller.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ubi14.tmp.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ubi6C.tmp.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\UnityWebPlayer7807625750650097017.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\unregx.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\viewtcp.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-18 13:00] - [2008-04-14 08:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2004-08-18 13:00] - [2008-04-14 08:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2004-08-18 13:00] - [2008-04-14 08:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2004-08-18 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2004-08-18 13:00] - [2008-04-14 08:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2004-08-18 13:00] - [2008-04-14 08:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2004-08-18 13:00] - [2008-04-14 07:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================
Nahoru
dodohuhu
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 13 lis 2013 13:00

Re: Prosím o kontrolu logu

#4 Příspěvek od dodohuhu »

dodohuhu píše:
Rudy píše:Zdravím!
Zkuste tento postup: http://forum.viry.cz/viewtopic.php?f=24&t=132509 . ESafe není zrovna důvěryhodný antivir.
NApsalo to toto.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-11-2013
Ran by Uživatel (administrator) on U-ED0AF5758D5B4 on 13-11-2013 20:06:44
Running from C:\Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\JLP0HJ8D
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) C:\Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\JLP0HJ8D\FRST[1].exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [20065896 2012-04-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [mwavscan_autoscan] - C:\Documents and Settings\Uživatel\Local Settings\Temp\mexe.com [2329160 2009-11-06] (MicroWorld Technologies Inc.) <===== ATTENTION
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKCU\...\Run: [Google Update] - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [116648 2012-07-22] (Google Inc.)
HKCU\...\Run: [Adobe Reader Synchronizer] - C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe [1264360 2012-12-18] (Adobe Systems Incorporated)
MountPoints2: {0d2c3377-51a4-11e1-8b3b-1c6f65fcbb03} - H:\Startme.exe
MountPoints2: {fb48bfad-1493-11e3-8751-1c6f65fcbb03} - H:\Startme.exe
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... earchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... earchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 6f65fcbb03
SearchScopes: HKCU - {23b21aa6-cf6e-4ded-85aa-76ebb36e384c} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... rceid=IE_5
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... earchTerms}
SearchScopes: HKCU - {399a1442-7377-49e7-8d77-6dc9ed5968c1} URL = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
SearchScopes: HKCU - {5cf5d387-d87c-4408-9a6b-301b0713d62a} URL = http://www.mapy.cz/?query={searchTerms} ... earch_6826
SearchScopes: HKCU - {76859dfd-b169-4f33-b4cf-9c0f4958995b} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {885E0645-C385-4A93-A193-9FDB0B5A7505} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {9bb0a7ad-06d1-4065-8fd9-8e3e9944e0a9} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {9bd172ba-3f40-4303-bca1-0484b5ba2a7b} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKCU - {eb97f7df-1773-4916-aae6-5af74da8c69d} URL = http://www.firmy.cz/phr/{searchTerms}
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.co ... .5.1.0.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default
FF user.js: detected! => C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\user.js
FF DefaultSearchEngine: qvo6
FF SearchEngineOrder.1: qvo6
FF SelectedSearchEngine: qvo6
FF Homepage: hxxp://www.qvo6.com/?utm_source=b&utm_medium=i ... 1384016045
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin: @ei.FestiveBar_3g.com/Plugin - C:\Program Files\FestiveBar_3gEI\Installr\1.bin\NP3gEISB.dll (FestiveBar)
FF Plugin: @ei.GamingWonderland.com/Plugin - C:\Program Files\GamingWonderlandEI\Installr\1.bin\NPgtEISB.dll (GamingWonderland)
FF Plugin: @ei.Zwinky_5q.com/Plugin - C:\Program Files\Zwinky_5qEI\Installr\1.bin\NP5qEISB.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\qvo6.xml
FF Extension: No Name - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\ffxtlbr@babylon.com
FF Extension: No Name - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\staged
FF Extension: No Name - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\yasearch@yandex.ru
FF Extension: ftdownloader4 - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\ftdownloader4@ftdownloader.com.xpi
FF Extension: gophoto - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\gophoto@gophoto.it.xpi
FF Extension: trtv3 - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\trtv3@trtv.com.xpi
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045

Chrome:
=======
CHR HomePage: hxxp://www.qvo6.com/?utm_source=b&utm_medium=i ... 1384016045
CHR RestoreOnStartup: "urls_to_restore_on_startup": [
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\30.0.1599.101\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Unity Player) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (DNA Plug-in) - C:\Program Files\DNA\plugins\npbtdna.dll No File
CHR Plugin: (FestiveBar Installer Plugin Stub) - C:\Program Files\FestiveBar_3gEI\Installr\1.bin\NP3gEISB.dll (FestiveBar)
CHR Plugin: (GamingWonderland Installer Plugin Stub) - C:\Program Files\GamingWonderlandEI\Installr\1.bin\NPgtEISB.dll (GamingWonderland)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Media Go Detector) - C:\Program Files\Sony\Media Go\npmediago.dll No File
CHR Plugin: (PlayStation(R)Network Downloader Check Plug-in) - C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll No File
CHR Plugin: (Zwinky Installer Plugin Stub) - C:\Program Files\Zwinky_5qEI\Installr\1.bin\NP5qEISB.dll No File
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (FTdownloader V4.0) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\bebnnlollpcjnfpkafhoclljaojgnfok\4.0_0
CHR Extension: (DefaultTab) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0
CHR Extension: (Google Wallet Service) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0
CHR Extension: (GoPhoto.it) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.6_0
CHR HKLM\...\Chrome\Extension: [bebnnlollpcjnfpkafhoclljaojgnfok] - C:\Program Files\FTDownloader.com\FTDownloader10.crx
CHR HKLM\...\Chrome\Extension: [bicnnkjibmphdeigoodpjlcklcnaobdj] - C:\Program Files\TornTV.com\torntv10.crx
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit16.crx
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045

========================== Services (Whitelisted) =================

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2010-02-10] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-08-12] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2013-01-18] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R3 ATIAVAIW; C:\Windows\System32\DRIVERS\atinavt2.sys [170496 2009-02-04] (ATI Technologies Inc.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 2012-01-06] (DT Soft Ltd)
S3 FANTOM; C:\Windows\System32\DRIVERS\fantom.sys [39424 2007-11-09] (National Instruments Corporation)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2009-08-26] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2009-08-26] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2009-08-26] (HP)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S4 IntelIde; No ImagePath
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\Sandra.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-13 20:06 - 2013-11-13 20:06 - 00000000 ____D C:\FRST
2013-11-13 18:46 - 2013-11-13 18:46 - 00952306 _____ C:\Documents and Settings\Uživatel\Plocha\log celek.rar
2013-11-13 18:45 - 2013-11-13 18:45 - 00003203 _____ C:\Documents and Settings\Uživatel\Plocha\log.ddd.rar
2013-11-13 18:33 - 2013-11-13 18:33 - 00003203 _____ C:\Documents and Settings\Uživatel\Plocha\log..rar
2013-11-13 18:20 - 2013-11-13 18:20 - 19742279 _____ C:\Documents and Settings\Uživatel\Plocha\MWAV.LOG
2013-11-13 18:04 - 2013-11-13 18:04 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\POLSKO
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\VDLL.DLL
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\system32\runouce.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\rundll16.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\RUNDL132.EXE
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\logo1_.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\logo_1.exe
2013-11-13 07:41 - 2013-11-13 07:53 - 00000054 _____ C:\WINDOWS\Lic.xxx
2013-11-13 07:41 - 2013-11-13 07:41 - 00632064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr80.dll
2013-11-13 07:41 - 2013-11-13 07:41 - 00554240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp80.dll
2013-11-13 07:41 - 2013-11-13 07:41 - 00034048 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\system32\eEmpty.exe
2013-11-13 07:41 - 2013-11-13 07:41 - 00000000 ____D C:\Program Files\Common Files\MicroWorld
2013-11-13 07:41 - 2013-11-13 07:41 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2013-11-13 07:41 - 2008-04-14 08:52 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\REGEDIT.COM
2013-11-13 07:41 - 2008-04-14 08:52 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\R.COM
2013-11-13 07:41 - 2008-04-14 08:52 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TASKMGR.COM
2013-11-13 07:41 - 2008-04-14 08:52 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\T.COM
2013-11-13 07:41 - 2005-09-22 23:22 - 00000522 _____ C:\WINDOWS\system32\Microsoft.VC80.CRT.manifest
2013-11-13 07:36 - 2013-11-13 07:36 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Simply Super Software
2013-11-12 21:02 - 2013-11-12 21:02 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-12 21:01 - 2013-11-13 00:11 - 00000000 ____D C:\WINDOWS\A358F2F62500420C989C25C4F22DF51E.TMP
2013-11-12 21:01 - 2013-11-12 21:01 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-12 20:48 - 2013-11-13 07:33 - 00000000 ____D C:\Program Files\Trojan Remover
2013-11-12 20:48 - 2013-11-12 20:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
2013-11-10 19:33 - 2013-11-11 10:54 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Torntv 2
2013-11-10 19:32 - 2013-11-11 10:56 - 00000000 ____D C:\Program Files\TornTV.com
2013-11-10 19:32 - 2013-11-10 19:32 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\TornTV.com
2013-11-09 18:05 - 2013-11-09 18:12 - 00000000 ____D C:\Program Files\WinZipper
2013-11-09 18:05 - 2013-11-09 18:07 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\WinZipper
2013-11-09 18:05 - 2013-11-09 18:05 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\iSafe
2013-11-09 17:54 - 2013-11-09 18:05 - 00000000 ____D C:\Program Files\Desk 365
2013-11-09 17:54 - 2013-11-09 18:03 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Desk 365
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Program Files\Gophoto.it
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\FTDownloader.com
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Cool_Mirage
2013-11-09 16:56 - 2013-11-09 16:56 - 00000896 __RSH C:\Documents and Settings\Uživatel\ntuser.pol
2013-11-09 16:56 - 2013-11-09 16:56 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2013-11-09 16:56 - 2013-11-09 16:56 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\DefaultTab
2013-11-04 08:19 - 2013-11-04 08:19 - 00017920 _____ C:\Documents and Settings\Uživatel\Plocha\Export.xls
2013-11-04 08:14 - 2013-11-04 08:14 - 00070001 _____ C:\Documents and Settings\Uživatel\Plocha\Export.htm
2013-11-01 18:29 - 2013-11-13 18:46 - 19742509 _____ C:\Documents and Settings\Uživatel\Plocha\vir.txt
2013-10-30 23:12 - 2013-11-09 17:09 - 00000000 ____D C:\Program Files\Free PDF to Word Converter
2013-10-30 22:53 - 2013-11-09 17:09 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Kastner software
2013-10-30 22:52 - 2013-10-30 22:52 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\KASTNER software
2013-10-30 18:39 - 2013-10-30 19:01 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\neg
2013-10-29 22:40 - 2013-10-29 22:40 - 00015313 _____ C:\Documents and Settings\Uživatel\Dokumenty\reklamacni-list[1].docm
2013-10-27 19:12 - 2013-10-27 19:12 - 00032388 _____ C:\WINDOWS\KB2598845-IE8.log
2013-10-27 19:11 - 2013-11-09 17:12 - 00000000 ____D C:\Program Files\Seznam.cz
2013-10-27 19:11 - 2013-10-27 19:12 - 00041796 _____ C:\WINDOWS\KB982381-IE8.log
2013-10-27 19:10 - 2013-10-27 19:11 - 00000000 __HDC C:\WINDOWS\ie8
2013-10-27 19:06 - 2011-08-16 11:45 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2013-10-27 19:02 - 2013-10-27 19:03 - 00028656 _____ C:\WINDOWS\ie8Uninst.log
2013-10-17 17:37 - 2013-11-13 07:41 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job

==================== One Month Modified Files and Folders =======

2013-11-13 20:06 - 2013-11-13 20:06 - 00000000 ____D C:\FRST
2013-11-13 20:04 - 2012-07-12 13:29 - 00008192 ___SH C:\WINDOWS\Thumbs.db
2013-11-13 19:47 - 2012-07-22 12:12 - 00001038 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1979792683-839522115-1003UA.job
2013-11-13 19:45 - 2012-01-05 15:32 - 01922684 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-13 19:10 - 2012-10-07 10:40 - 00000944 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-13 19:09 - 2013-06-07 17:19 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-13 18:46 - 2013-11-13 18:46 - 00952306 _____ C:\Documents and Settings\Uživatel\Plocha\log celek.rar
2013-11-13 18:46 - 2013-11-01 18:29 - 19742509 _____ C:\Documents and Settings\Uživatel\Plocha\vir.txt
2013-11-13 18:46 - 2012-01-05 15:36 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha
2013-11-13 18:45 - 2013-11-13 18:45 - 00003203 _____ C:\Documents and Settings\Uživatel\Plocha\log.ddd.rar
2013-11-13 18:33 - 2013-11-13 18:33 - 00003203 _____ C:\Documents and Settings\Uživatel\Plocha\log..rar
2013-11-13 18:20 - 2013-11-13 18:20 - 19742279 _____ C:\Documents and Settings\Uživatel\Plocha\MWAV.LOG
2013-11-13 18:04 - 2013-11-13 18:04 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\POLSKO
2013-11-13 13:12 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Oblíbené položky
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\VDLL.DLL
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\system32\runouce.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\rundll16.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\RUNDL132.EXE
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\logo1_.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\logo_1.exe
2013-11-13 07:53 - 2013-11-13 07:41 - 00000054 _____ C:\WINDOWS\Lic.xxx
2013-11-13 07:41 - 2013-11-13 07:41 - 00632064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr80.dll
2013-11-13 07:41 - 2013-11-13 07:41 - 00554240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp80.dll
2013-11-13 07:41 - 2013-11-13 07:41 - 00034048 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\system32\eEmpty.exe
2013-11-13 07:41 - 2013-11-13 07:41 - 00000000 ____D C:\Program Files\Common Files\MicroWorld
2013-11-13 07:41 - 2013-11-13 07:41 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2013-11-13 07:41 - 2013-10-17 17:37 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-11-13 07:41 - 2012-01-05 16:23 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-11-13 07:36 - 2013-11-13 07:36 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Simply Super Software
2013-11-13 07:36 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty
2013-11-13 07:35 - 2012-01-05 16:24 - 01022040 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-13 07:33 - 2013-11-12 20:48 - 00000000 ____D C:\Program Files\Trojan Remover
2013-11-13 07:33 - 2012-01-05 16:23 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-11-13 07:33 - 2012-01-05 16:23 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-11-13 07:33 - 2012-01-05 15:36 - 00000000 __RHD C:\Documents and Settings\Uživatel\Data aplikací
2013-11-13 07:32 - 2004-08-18 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-13 07:31 - 2012-10-07 10:40 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-13 07:31 - 2012-01-05 16:26 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-13 07:31 - 2012-01-05 16:26 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-13 07:31 - 2012-01-05 15:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-13 00:27 - 2012-01-05 15:58 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2013-11-13 00:27 - 2012-01-05 15:36 - 00000178 ___SH C:\Documents and Settings\Uživatel\ntuser.ini
2013-11-13 00:27 - 2012-01-05 15:36 - 00000000 ____D C:\Documents and Settings\Uživatel
2013-11-13 00:27 - 2012-01-05 15:35 - 00032554 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-13 00:11 - 2013-11-12 21:01 - 00000000 ____D C:\WINDOWS\A358F2F62500420C989C25C4F22DF51E.TMP
2013-11-13 00:11 - 2012-07-12 09:52 - 00435806 _____ C:\WINDOWS\setupapi.log
2013-11-13 00:11 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Nabídka Start\Programy
2013-11-12 21:49 - 2012-01-06 17:46 - 00000000 ____D C:\bat2
2013-11-12 21:14 - 2012-01-05 15:36 - 00001599 _____ C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Vzdálená pomoc.lnk
2013-11-12 21:09 - 2012-01-05 15:33 - 00001599 _____ C:\Documents and Settings\Default User\Nabídka Start\Programy\Vzdálená pomoc.lnk
2013-11-12 21:02 - 2013-11-12 21:02 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-12 21:01 - 2013-11-12 21:01 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-12 20:48 - 2013-11-12 20:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
2013-11-12 20:47 - 2012-07-22 12:12 - 00000986 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1979792683-839522115-1003Core.job
2013-11-11 17:00 - 2013-06-27 21:36 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Sony Mobile
2013-11-11 17:00 - 2013-06-27 21:35 - 00000000 ____D C:\Program Files\Sony Mobile
2013-11-11 16:59 - 2013-01-07 17:07 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Sony Ericsson
2013-11-11 16:59 - 2013-01-07 17:06 - 00000000 ____D C:\Program Files\Sony Ericsson
2013-11-11 16:57 - 2012-02-07 17:25 - 00000000 ____D C:\Program Files\Common Files\Sony Shared
2013-11-11 16:56 - 2012-03-05 17:32 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Sony
2013-11-11 16:56 - 2012-02-07 17:23 - 00000000 ____D C:\Program Files\Sony
2013-11-11 10:59 - 2012-05-14 16:55 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Unity
2013-11-11 10:56 - 2013-11-10 19:32 - 00000000 ____D C:\Program Files\TornTV.com
2013-11-11 10:54 - 2013-11-10 19:33 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Torntv 2
2013-11-10 19:53 - 2012-07-24 18:47 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\BitTorrent
2013-11-10 19:35 - 2012-07-24 20:59 - 00000000 ____D C:\toro
2013-11-10 19:35 - 2012-07-24 18:47 - 00000000 ____D C:\Program Files\BitTorrent
2013-11-10 19:33 - 2012-01-05 15:36 - 00000000 ___HD C:\Documents and Settings\Uživatel\Local Settings\Data aplikací
2013-11-10 19:32 - 2013-11-10 19:32 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\TornTV.com
2013-11-09 18:12 - 2013-11-09 18:05 - 00000000 ____D C:\Program Files\WinZipper
2013-11-09 18:11 - 2012-01-05 16:23 - 00000000 __RHD C:\Documents and Settings\Default User\Data aplikací
2013-11-09 18:11 - 2012-01-05 16:23 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start
2013-11-09 18:07 - 2013-11-09 18:05 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\WinZipper
2013-11-09 18:05 - 2013-11-09 18:05 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\iSafe
2013-11-09 18:05 - 2013-11-09 17:54 - 00000000 ____D C:\Program Files\Desk 365
2013-11-09 18:05 - 2011-06-11 00:58 - 00773800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100.dll
2013-11-09 18:05 - 2011-06-11 00:58 - 00421032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp100.dll
2013-11-09 18:03 - 2013-11-09 17:54 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Desk 365
2013-11-09 17:54 - 2012-01-06 10:02 - 00001032 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2013-11-09 17:54 - 2012-01-05 15:36 - 00001105 _____ C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Internet Explorer.lnk
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Program Files\Gophoto.it
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\FTDownloader.com
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Cool_Mirage
2013-11-09 17:12 - 2013-10-27 19:11 - 00000000 ____D C:\Program Files\Seznam.cz
2013-11-09 17:12 - 2013-01-13 18:21 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Sony Corporation
2013-11-09 17:09 - 2013-10-30 23:12 - 00000000 ____D C:\Program Files\Free PDF to Word Converter
2013-11-09 17:09 - 2013-10-30 22:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Kastner software
2013-11-09 16:57 - 2012-01-06 17:14 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
2013-11-09 16:56 - 2013-11-09 16:56 - 00000896 __RSH C:\Documents and Settings\Uživatel\ntuser.pol
2013-11-09 16:56 - 2013-11-09 16:56 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2013-11-09 16:56 - 2013-11-09 16:56 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\DefaultTab
2013-11-08 14:31 - 2012-10-03 18:35 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2013-11-08 14:31 - 2012-10-03 18:35 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Skype
2013-11-04 08:19 - 2013-11-04 08:19 - 00017920 _____ C:\Documents and Settings\Uživatel\Plocha\Export.xls
2013-11-04 08:14 - 2013-11-04 08:14 - 00070001 _____ C:\Documents and Settings\Uživatel\Plocha\Export.htm
2013-10-30 22:52 - 2013-10-30 22:52 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\KASTNER software
2013-10-30 19:01 - 2013-10-30 18:39 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\neg
2013-10-29 22:40 - 2013-10-29 22:40 - 00015313 _____ C:\Documents and Settings\Uživatel\Dokumenty\reklamacni-list[1].docm
2013-10-27 19:26 - 2012-01-07 10:56 - 00014846 _____ C:\WINDOWS\KB2510531-IE8.log
2013-10-27 19:26 - 2012-01-06 09:48 - 00249431 _____ C:\WINDOWS\updspapi.log
2013-10-27 19:26 - 2012-01-05 16:24 - 01557937 _____ C:\WINDOWS\iis6.log
2013-10-27 19:26 - 2012-01-05 16:24 - 01421273 _____ C:\WINDOWS\FaxSetup.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00688569 _____ C:\WINDOWS\ocgen.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00652447 _____ C:\WINDOWS\tsoc.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00487823 _____ C:\WINDOWS\comsetup.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00449134 _____ C:\WINDOWS\msmqinst.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00293261 _____ C:\WINDOWS\ntdtcsetup.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00249388 _____ C:\WINDOWS\netfxocm.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00100201 _____ C:\WINDOWS\MedCtrOC.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00088712 _____ C:\WINDOWS\ocmsn.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00072358 _____ C:\WINDOWS\tabletoc.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00071167 _____ C:\WINDOWS\msgsocm.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00001393 _____ C:\WINDOWS\imsins.log
2013-10-27 19:15 - 2012-01-06 09:50 - 00141449 _____ C:\WINDOWS\spupdsvc.log
2013-10-27 19:15 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty\Obrázky
2013-10-27 19:15 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty\Hudba
2013-10-27 19:14 - 2012-11-03 13:15 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2013-10-27 19:14 - 2012-01-06 10:27 - 00247190 _____ C:\WINDOWS\ie8_main.log
2013-10-27 19:14 - 2012-01-05 16:15 - 00000000 ____D C:\WINDOWS\Help
2013-10-27 19:13 - 2013-10-10 23:22 - 00047334 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-27 19:13 - 2013-08-15 19:09 - 00048719 _____ C:\WINDOWS\KB2862772-IE8.log
2013-10-27 19:13 - 2012-09-22 13:04 - 00053338 _____ C:\WINDOWS\KB2744842-IE8.log
2013-10-27 19:13 - 2012-01-07 11:02 - 00055937 _____ C:\WINDOWS\KB2618444-IE8.log
2013-10-27 19:13 - 2012-01-05 16:24 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-10-27 19:12 - 2013-10-27 19:12 - 00032388 _____ C:\WINDOWS\KB2598845-IE8.log
2013-10-27 19:12 - 2013-10-27 19:11 - 00041796 _____ C:\WINDOWS\KB982381-IE8.log
2013-10-27 19:12 - 2012-01-06 10:13 - 00000000 ___HD C:\WINDOWS\$hf_mig$
2013-10-27 19:11 - 2013-10-27 19:10 - 00000000 __HDC C:\WINDOWS\ie8
2013-10-27 19:11 - 2012-01-06 10:39 - 00099643 _____ C:\WINDOWS\ie8.log
2013-10-27 19:11 - 2012-01-05 16:15 - 00000000 ____D C:\WINDOWS\Media
2013-10-27 19:03 - 2013-10-27 19:02 - 00028656 _____ C:\WINDOWS\ie8Uninst.log
2013-10-27 19:03 - 2012-01-07 10:55 - 00000000 ____D C:\WINDOWS\ie8updates
2013-10-17 17:28 - 2012-01-21 17:14 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty\Filmy
2013-10-17 17:28 - 2012-01-05 15:29 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty\Filmy
2013-10-17 17:27 - 2012-10-28 12:32 - 00001698 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
2013-10-17 17:27 - 2012-10-28 12:32 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-17 17:27 - 2012-01-06 08:40 - 00001912 _____ C:\WINDOWS\epplauncher.mif
2013-10-15 18:25 - 2013-09-08 19:21 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\so
2013-10-15 18:11 - 2012-04-14 17:44 - 00001739 _____ C:\Documents and Settings\All Users\Plocha\Sony PC Companion 2.1.lnk
2013-10-15 18:11 - 2012-01-05 15:53 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-15 18:11 - 2012-01-05 15:51 - 00892728 _____ C:\WINDOWS\DPINST.LOG
2013-10-14 16:59 - 2012-01-05 15:56 - 00000000 ____D C:\WINDOWS\Microsoft.NET

Files to move or delete:
====================
C:\Documents and Settings\Uživatel\Local Settings\Temp\mexe.com


Some content of TEMP:
====================
C:\Documents and Settings\Uživatel\Local Settings\Temp\6_Offer_4.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\AskSLib.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\avguidx.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\avxdisk.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdc.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdcore.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdfltlib.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdfltlib2k.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdupdateservice.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\CommonInstaller.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\DEVCON.EXE
C:\Documents and Settings\Uživatel\Local Settings\Temp\download.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\DownloadManager.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\drm_dyndata_7370014.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\drm_dyndata_7380009.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\drm_dyndata_7410004.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\eEmpty.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\encdec.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\esupdate.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\FSSync.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\Getvlist.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\hpzmsi01.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\hpzscr01.EXE
C:\Documents and Settings\Uživatel\Local Settings\Temp\htmlayout.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ICReinstall_ICReinstall_radarsync[1].exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ICReinstall_pdf2txt_setup15 - CHIP Downloader[1].exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ICReinstall_radarsync[1].exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\iGearedHelper.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ikave.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ipc.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\JFS.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\JSM.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\kave.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\kavvlg.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\KK.EXE
C:\Documents and Settings\Uživatel\Local Settings\Temp\liquid11189354.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\liquid8664609.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\LuckyLeap.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\MachineIdCreator.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\Medal of Honor_uninst.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvclnt.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvcp80.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvcr80.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvl64.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvlclnt.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\MWAVL.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\MWAVReg.EXE
C:\Documents and Settings\Uživatel\Local Settings\Temp\mwunzip.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\prLoader.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ptu12_tmp.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\red32.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\reload.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\scan.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ScanningProcess.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\setpriv.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\SHSetup.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\test2.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\toolbar9284421.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ToolbarInstaller.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ubi14.tmp.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ubi6C.tmp.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\UnityWebPlayer7807625750650097017.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\unregx.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\viewtcp.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-18 13:00] - [2008-04-14 08:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2004-08-18 13:00] - [2008-04-14 08:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2004-08-18 13:00] - [2008-04-14 08:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2004-08-18 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2004-08-18 13:00] - [2008-04-14 08:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2004-08-18 13:00] - [2008-04-14 08:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2004-08-18 13:00] - [2008-04-14 07:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================
Přílohy
frs.rar
(9.04 KiB) Staženo 31 x
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119531
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu

#5 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM\...\Run: [] - [x]
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
MountPoints2: {0d2c3377-51a4-11e1-8b3b-1c6f65fcbb03} - H:\Startme.exe
MountPoints2: {fb48bfad-1493-11e3-8751-1c6f65fcbb03} - H:\Startme.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 6f65fcbb03
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKCU - {885E0645-C385-4A93-A193-9FDB0B5A7505} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {9bd172ba-3f40-4303-bca1-0484b5ba2a7b} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
FF ProfilePath: C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default
FF user.js: detected! => C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\user.js
FF DefaultSearchEngine: qvo6
FF SearchEngineOrder.1: qvo6
FF SelectedSearchEngine: qvo6
FF Homepage: hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR HomePage: hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
CHR Plugin: (Zwinky Installer Plugin Stub) - C:\Program Files\Zwinky_5qEI\Installr\1.bin\NP5qEISB.dll No File
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
C:\WINDOWS\A358F2F62500420C989C25C4F22DF51E.TMP
C:\Documents and Settings\Uživatel\Local Settings\Temp
End
Uložte uložte do adresáře, v němž je FRST jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
dodohuhu
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 13 lis 2013 13:00

Re: Prosím o kontrolu logu

#6 Příspěvek od dodohuhu »

Nejde mi spustit FRST.
Rudy píše:Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM\...\Run: [] - [x]
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
MountPoints2: {0d2c3377-51a4-11e1-8b3b-1c6f65fcbb03} - H:\Startme.exe
MountPoints2: {fb48bfad-1493-11e3-8751-1c6f65fcbb03} - H:\Startme.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 6f65fcbb03
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKCU - {885E0645-C385-4A93-A193-9FDB0B5A7505} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {9bd172ba-3f40-4303-bca1-0484b5ba2a7b} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
FF ProfilePath: C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default
FF user.js: detected! => C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\user.js
FF DefaultSearchEngine: qvo6
FF SearchEngineOrder.1: qvo6
FF SelectedSearchEngine: qvo6
FF Homepage: hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR HomePage: hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
CHR Plugin: (Zwinky Installer Plugin Stub) - C:\Program Files\Zwinky_5qEI\Installr\1.bin\NP5qEISB.dll No File
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
C:\WINDOWS\A358F2F62500420C989C25C4F22DF51E.TMP
C:\Documents and Settings\Uživatel\Local Settings\Temp
End
Uložte uložte do adresáře, v němž je FRST jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119531
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu

#7 Příspěvek od Rudy »

Jak nejde? Uložil jste správně fixlist.txt? Tzn. správně pojmenoval a uložil do stejného adresáře, jako frst? Častou chybou je uložení jako fixlist.txt.txt. S tímhle to nefunguje. Do dialogového okna při ukládání napište pouze fixlist. Příponu si dosadí systém sám.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
dodohuhu
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 13 lis 2013 13:00

Re: Prosím o kontrolu logu

#8 Příspěvek od dodohuhu »

dodohuhu píše:Nejde mi spustit FRST.
Rudy píše:Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM\...\Run: [] - [x]
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
MountPoints2: {0d2c3377-51a4-11e1-8b3b-1c6f65fcbb03} - H:\Startme.exe
MountPoints2: {fb48bfad-1493-11e3-8751-1c6f65fcbb03} - H:\Startme.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 6f65fcbb03
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... default&q={searchTerms}
SearchScopes: HKCU - {885E0645-C385-4A93-A193-9FDB0B5A7505} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {9bd172ba-3f40-4303-bca1-0484b5ba2a7b} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
FF ProfilePath: C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default
FF user.js: detected! => C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\user.js
FF DefaultSearchEngine: qvo6
FF SearchEngineOrder.1: qvo6
FF SelectedSearchEngine: qvo6
FF Homepage: hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR HomePage: hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
CHR Plugin: (Zwinky Installer Plugin Stub) - C:\Program Files\Zwinky_5qEI\Installr\1.bin\NP5qEISB.dll No File
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
C:\WINDOWS\A358F2F62500420C989C25C4F22DF51E.TMP
C:\Documents and Settings\Uživatel\Local Settings\Temp
End
Uložte uložte do adresáře, v němž je FRST jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.


-----------

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-11-2013 01
Ran by Uživatel (administrator) on U-ED0AF5758D5B4 on 13-11-2013 22:08:20
Running from C:\Documents and Settings\Uživatel\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [20065896 2012-04-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [mwavscan_autoscan] - C:\Documents and Settings\Uživatel\Local Settings\Temp\mexe.com [2329160 2009-11-06] (MicroWorld Technologies Inc.) <===== ATTENTION
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKCU\...\Run: [Google Update] - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [116648 2012-07-22] (Google Inc.)
HKCU\...\Run: [Adobe Reader Synchronizer] - C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe [1264360 2012-12-18] (Adobe Systems Incorporated)
MountPoints2: {0d2c3377-51a4-11e1-8b3b-1c6f65fcbb03} - H:\Startme.exe
MountPoints2: {fb48bfad-1493-11e3-8751-1c6f65fcbb03} - H:\Startme.exe
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... earchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... earchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 6f65fcbb03
SearchScopes: HKCU - {23b21aa6-cf6e-4ded-85aa-76ebb36e384c} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... rceid=IE_5
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... earchTerms}
SearchScopes: HKCU - {399a1442-7377-49e7-8d77-6dc9ed5968c1} URL = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
SearchScopes: HKCU - {5cf5d387-d87c-4408-9a6b-301b0713d62a} URL = http://www.mapy.cz/?query={searchTerms} ... earch_6826
SearchScopes: HKCU - {76859dfd-b169-4f33-b4cf-9c0f4958995b} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {885E0645-C385-4A93-A193-9FDB0B5A7505} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {9bb0a7ad-06d1-4065-8fd9-8e3e9944e0a9} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {9bd172ba-3f40-4303-bca1-0484b5ba2a7b} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKCU - {eb97f7df-1773-4916-aae6-5af74da8c69d} URL = http://www.firmy.cz/phr/{searchTerms}
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.co ... .5.1.0.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default
FF user.js: detected! => C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\user.js
FF DefaultSearchEngine: qvo6
FF SearchEngineOrder.1: qvo6
FF SelectedSearchEngine: qvo6
FF Homepage: hxxp://www.qvo6.com/?utm_source=b&utm_medium=i ... 1384016045
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin: @ei.FestiveBar_3g.com/Plugin - C:\Program Files\FestiveBar_3gEI\Installr\1.bin\NP3gEISB.dll (FestiveBar)
FF Plugin: @ei.GamingWonderland.com/Plugin - C:\Program Files\GamingWonderlandEI\Installr\1.bin\NPgtEISB.dll (GamingWonderland)
FF Plugin: @ei.Zwinky_5q.com/Plugin - C:\Program Files\Zwinky_5qEI\Installr\1.bin\NP5qEISB.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\qvo6.xml
FF Extension: No Name - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\ffxtlbr@babylon.com
FF Extension: No Name - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\staged
FF Extension: No Name - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\yasearch@yandex.ru
FF Extension: ftdownloader4 - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\ftdownloader4@ftdownloader.com.xpi
FF Extension: gophoto - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\gophoto@gophoto.it.xpi
FF Extension: trtv3 - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\b00ahhd0.default\Extensions\trtv3@trtv.com.xpi
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045

Chrome:
=======
CHR HomePage: hxxp://www.qvo6.com/?utm_source=b&utm_medium=i ... 1384016045
CHR RestoreOnStartup: "urls_to_restore_on_startup": [
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\30.0.1599.101\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Unity Player) - C:\Documents and Settings\U\u017Eivatel\Local Settings\Data aplikac\u00ED\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (DNA Plug-in) - C:\Program Files\DNA\plugins\npbtdna.dll No File
CHR Plugin: (FestiveBar Installer Plugin Stub) - C:\Program Files\FestiveBar_3gEI\Installr\1.bin\NP3gEISB.dll (FestiveBar)
CHR Plugin: (GamingWonderland Installer Plugin Stub) - C:\Program Files\GamingWonderlandEI\Installr\1.bin\NPgtEISB.dll (GamingWonderland)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Media Go Detector) - C:\Program Files\Sony\Media Go\npmediago.dll No File
CHR Plugin: (PlayStation(R)Network Downloader Check Plug-in) - C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll No File
CHR Plugin: (Zwinky Installer Plugin Stub) - C:\Program Files\Zwinky_5qEI\Installr\1.bin\NP5qEISB.dll No File
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (FTdownloader V4.0) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\bebnnlollpcjnfpkafhoclljaojgnfok\4.0_0
CHR Extension: (DefaultTab) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0
CHR Extension: (Google Wallet Service) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0
CHR Extension: (GoPhoto.it) - C:\DOCUME~1\UIVATE~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.6_0
CHR HKLM\...\Chrome\Extension: [bebnnlollpcjnfpkafhoclljaojgnfok] - C:\Program Files\FTDownloader.com\FTDownloader10.crx
CHR HKLM\...\Chrome\Extension: [bicnnkjibmphdeigoodpjlcklcnaobdj] - C:\Program Files\TornTV.com\torntv10.crx
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit16.crx
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1384016045

========================== Services (Whitelisted) =================

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2010-02-10] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-08-12] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2013-01-18] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R3 ATIAVAIW; C:\Windows\System32\DRIVERS\atinavt2.sys [170496 2009-02-04] (ATI Technologies Inc.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 2012-01-06] (DT Soft Ltd)
S3 FANTOM; C:\Windows\System32\DRIVERS\fantom.sys [39424 2007-11-09] (National Instruments Corporation)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2009-08-26] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2009-08-26] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2009-08-26] (HP)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S4 IntelIde; No ImagePath
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\Sandra.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-13 22:08 - 2013-11-13 22:08 - 00019723 _____ C:\Documents and Settings\Uživatel\Plocha\FRST.txt
2013-11-13 22:07 - 2013-11-13 22:07 - 00015327 _____ C:\Documents and Settings\Uživatel\Plocha\LM.bat
2013-11-13 22:03 - 2013-11-13 22:03 - 00002698 _____ C:\Documents and Settings\Uživatel\Plocha\llll.txt
2013-11-13 21:51 - 2013-11-13 21:51 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\Uživatel\Plocha\FRSTLauncher.exe
2013-11-13 21:50 - 2013-11-13 21:50 - 01090351 _____ (Farbar) C:\Documents and Settings\Uživatel\Plocha\FRST.exe
2013-11-13 20:14 - 2013-11-13 22:07 - 00029696 _____ C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\MSGBOX.EXE
2013-11-13 20:06 - 2013-11-13 20:06 - 00000000 ____D C:\FRST
2013-11-13 18:33 - 2013-11-13 18:33 - 00003203 _____ C:\Documents and Settings\Uživatel\Plocha\log..rar
2013-11-13 18:04 - 2013-11-13 18:04 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\POLSKO
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\VDLL.DLL
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\system32\runouce.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\rundll16.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\RUNDL132.EXE
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\logo1_.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\logo_1.exe
2013-11-13 07:41 - 2013-11-13 07:53 - 00000054 _____ C:\WINDOWS\Lic.xxx
2013-11-13 07:41 - 2013-11-13 07:41 - 00632064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr80.dll
2013-11-13 07:41 - 2013-11-13 07:41 - 00554240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp80.dll
2013-11-13 07:41 - 2013-11-13 07:41 - 00034048 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\system32\eEmpty.exe
2013-11-13 07:41 - 2013-11-13 07:41 - 00000000 ____D C:\Program Files\Common Files\MicroWorld
2013-11-13 07:41 - 2013-11-13 07:41 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2013-11-13 07:41 - 2008-04-14 08:52 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\REGEDIT.COM
2013-11-13 07:41 - 2008-04-14 08:52 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\R.COM
2013-11-13 07:41 - 2008-04-14 08:52 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TASKMGR.COM
2013-11-13 07:41 - 2008-04-14 08:52 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\T.COM
2013-11-13 07:41 - 2005-09-22 23:22 - 00000522 _____ C:\WINDOWS\system32\Microsoft.VC80.CRT.manifest
2013-11-13 07:36 - 2013-11-13 07:36 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Simply Super Software
2013-11-12 21:02 - 2013-11-12 21:02 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-12 21:01 - 2013-11-13 00:11 - 00000000 ____D C:\WINDOWS\A358F2F62500420C989C25C4F22DF51E.TMP
2013-11-12 21:01 - 2013-11-12 21:01 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-12 20:48 - 2013-11-13 07:33 - 00000000 ____D C:\Program Files\Trojan Remover
2013-11-12 20:48 - 2013-11-12 20:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
2013-11-10 19:33 - 2013-11-11 10:54 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Torntv 2
2013-11-10 19:32 - 2013-11-11 10:56 - 00000000 ____D C:\Program Files\TornTV.com
2013-11-10 19:32 - 2013-11-10 19:32 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\TornTV.com
2013-11-09 18:05 - 2013-11-09 18:12 - 00000000 ____D C:\Program Files\WinZipper
2013-11-09 18:05 - 2013-11-09 18:07 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\WinZipper
2013-11-09 18:05 - 2013-11-09 18:05 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\iSafe
2013-11-09 17:54 - 2013-11-09 18:05 - 00000000 ____D C:\Program Files\Desk 365
2013-11-09 17:54 - 2013-11-09 18:03 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Desk 365
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Program Files\Gophoto.it
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\FTDownloader.com
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Cool_Mirage
2013-11-09 16:56 - 2013-11-09 16:56 - 00000896 __RSH C:\Documents and Settings\Uživatel\ntuser.pol
2013-11-09 16:56 - 2013-11-09 16:56 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2013-11-09 16:56 - 2013-11-09 16:56 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\DefaultTab
2013-11-04 08:19 - 2013-11-04 08:19 - 00017920 _____ C:\Documents and Settings\Uživatel\Plocha\Export.xls
2013-11-04 08:14 - 2013-11-04 08:14 - 00070001 _____ C:\Documents and Settings\Uživatel\Plocha\Export.htm
2013-10-30 23:12 - 2013-11-09 17:09 - 00000000 ____D C:\Program Files\Free PDF to Word Converter
2013-10-30 22:53 - 2013-11-09 17:09 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Kastner software
2013-10-30 22:52 - 2013-10-30 22:52 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\KASTNER software
2013-10-30 18:39 - 2013-10-30 19:01 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\neg
2013-10-29 22:40 - 2013-10-29 22:40 - 00015313 _____ C:\Documents and Settings\Uživatel\Dokumenty\reklamacni-list[1].docm
2013-10-27 19:12 - 2013-10-27 19:12 - 00032388 _____ C:\WINDOWS\KB2598845-IE8.log
2013-10-27 19:11 - 2013-11-09 17:12 - 00000000 ____D C:\Program Files\Seznam.cz
2013-10-27 19:11 - 2013-10-27 19:12 - 00041796 _____ C:\WINDOWS\KB982381-IE8.log
2013-10-27 19:10 - 2013-10-27 19:11 - 00000000 __HDC C:\WINDOWS\ie8
2013-10-27 19:06 - 2011-08-16 11:45 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2013-10-27 19:02 - 2013-10-27 19:03 - 00028656 _____ C:\WINDOWS\ie8Uninst.log
2013-10-17 17:37 - 2013-11-13 07:41 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job

==================== One Month Modified Files and Folders =======

2013-11-13 22:08 - 2013-11-13 22:08 - 00019723 _____ C:\Documents and Settings\Uživatel\Plocha\FRST.txt
2013-11-13 22:08 - 2012-01-05 15:36 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha
2013-11-13 22:07 - 2013-11-13 22:07 - 00015327 _____ C:\Documents and Settings\Uživatel\Plocha\LM.bat
2013-11-13 22:07 - 2013-11-13 20:14 - 00029696 _____ C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\MSGBOX.EXE
2013-11-13 22:07 - 2012-01-05 15:36 - 00000000 ___HD C:\Documents and Settings\Uživatel\Local Settings\Data aplikací
2013-11-13 22:03 - 2013-11-13 22:03 - 00002698 _____ C:\Documents and Settings\Uživatel\Plocha\llll.txt
2013-11-13 21:51 - 2013-11-13 21:51 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\Uživatel\Plocha\FRSTLauncher.exe
2013-11-13 21:50 - 2013-11-13 21:50 - 01090351 _____ (Farbar) C:\Documents and Settings\Uživatel\Plocha\FRST.exe
2013-11-13 21:47 - 2012-07-22 12:12 - 00001038 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1979792683-839522115-1003UA.job
2013-11-13 21:46 - 2012-07-12 13:29 - 00008192 ___SH C:\WINDOWS\Thumbs.db
2013-11-13 21:44 - 2012-01-05 15:36 - 00000000 ____D C:\Documents and Settings\Uživatel
2013-11-13 21:33 - 2012-01-05 15:32 - 01928489 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-13 21:10 - 2012-10-07 10:40 - 00000944 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-13 21:10 - 2012-10-07 10:40 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-13 21:09 - 2013-06-07 17:19 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-13 20:47 - 2012-07-22 12:12 - 00000986 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1979792683-839522115-1003Core.job
2013-11-13 20:06 - 2013-11-13 20:06 - 00000000 ____D C:\FRST
2013-11-13 18:33 - 2013-11-13 18:33 - 00003203 _____ C:\Documents and Settings\Uživatel\Plocha\log..rar
2013-11-13 18:04 - 2013-11-13 18:04 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\POLSKO
2013-11-13 13:12 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Oblíbené položky
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\VDLL.DLL
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\system32\runouce.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\rundll16.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\RUNDL132.EXE
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\logo1_.exe
2013-11-13 07:53 - 2013-11-13 07:53 - 00000000 ____D C:\WINDOWS\logo_1.exe
2013-11-13 07:53 - 2013-11-13 07:41 - 00000054 _____ C:\WINDOWS\Lic.xxx
2013-11-13 07:41 - 2013-11-13 07:41 - 00632064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr80.dll
2013-11-13 07:41 - 2013-11-13 07:41 - 00554240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp80.dll
2013-11-13 07:41 - 2013-11-13 07:41 - 00034048 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\system32\eEmpty.exe
2013-11-13 07:41 - 2013-11-13 07:41 - 00000000 ____D C:\Program Files\Common Files\MicroWorld
2013-11-13 07:41 - 2013-11-13 07:41 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2013-11-13 07:41 - 2013-10-17 17:37 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-11-13 07:41 - 2012-01-05 16:23 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-11-13 07:36 - 2013-11-13 07:36 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Simply Super Software
2013-11-13 07:36 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty
2013-11-13 07:35 - 2012-01-05 16:24 - 01022040 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-13 07:33 - 2013-11-12 20:48 - 00000000 ____D C:\Program Files\Trojan Remover
2013-11-13 07:33 - 2012-01-05 16:23 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-11-13 07:33 - 2012-01-05 16:23 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-11-13 07:33 - 2012-01-05 15:36 - 00000000 __RHD C:\Documents and Settings\Uživatel\Data aplikací
2013-11-13 07:32 - 2004-08-18 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-13 07:31 - 2012-01-05 16:26 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-13 07:31 - 2012-01-05 16:26 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-13 07:31 - 2012-01-05 15:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-13 00:27 - 2012-01-05 15:58 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2013-11-13 00:27 - 2012-01-05 15:36 - 00000178 ___SH C:\Documents and Settings\Uživatel\ntuser.ini
2013-11-13 00:27 - 2012-01-05 15:35 - 00032554 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-13 00:11 - 2013-11-12 21:01 - 00000000 ____D C:\WINDOWS\A358F2F62500420C989C25C4F22DF51E.TMP
2013-11-13 00:11 - 2012-07-12 09:52 - 00435806 _____ C:\WINDOWS\setupapi.log
2013-11-13 00:11 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Nabídka Start\Programy
2013-11-12 21:49 - 2012-01-06 17:46 - 00000000 ____D C:\bat2
2013-11-12 21:14 - 2012-01-05 15:36 - 00001599 _____ C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Vzdálená pomoc.lnk
2013-11-12 21:09 - 2012-01-05 15:33 - 00001599 _____ C:\Documents and Settings\Default User\Nabídka Start\Programy\Vzdálená pomoc.lnk
2013-11-12 21:02 - 2013-11-12 21:02 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-12 21:01 - 2013-11-12 21:01 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-12 20:48 - 2013-11-12 20:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
2013-11-11 17:00 - 2013-06-27 21:36 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Sony Mobile
2013-11-11 17:00 - 2013-06-27 21:35 - 00000000 ____D C:\Program Files\Sony Mobile
2013-11-11 16:59 - 2013-01-07 17:07 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Sony Ericsson
2013-11-11 16:59 - 2013-01-07 17:06 - 00000000 ____D C:\Program Files\Sony Ericsson
2013-11-11 16:57 - 2012-02-07 17:25 - 00000000 ____D C:\Program Files\Common Files\Sony Shared
2013-11-11 16:56 - 2012-03-05 17:32 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Sony
2013-11-11 16:56 - 2012-02-07 17:23 - 00000000 ____D C:\Program Files\Sony
2013-11-11 10:59 - 2012-05-14 16:55 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Unity
2013-11-11 10:56 - 2013-11-10 19:32 - 00000000 ____D C:\Program Files\TornTV.com
2013-11-11 10:54 - 2013-11-10 19:33 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Torntv 2
2013-11-10 19:53 - 2012-07-24 18:47 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\BitTorrent
2013-11-10 19:35 - 2012-07-24 20:59 - 00000000 ____D C:\toro
2013-11-10 19:35 - 2012-07-24 18:47 - 00000000 ____D C:\Program Files\BitTorrent
2013-11-10 19:32 - 2013-11-10 19:32 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\TornTV.com
2013-11-09 18:12 - 2013-11-09 18:05 - 00000000 ____D C:\Program Files\WinZipper
2013-11-09 18:11 - 2012-01-05 16:23 - 00000000 __RHD C:\Documents and Settings\Default User\Data aplikací
2013-11-09 18:11 - 2012-01-05 16:23 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start
2013-11-09 18:07 - 2013-11-09 18:05 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\WinZipper
2013-11-09 18:05 - 2013-11-09 18:05 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\iSafe
2013-11-09 18:05 - 2013-11-09 17:54 - 00000000 ____D C:\Program Files\Desk 365
2013-11-09 18:05 - 2011-06-11 00:58 - 00773800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100.dll
2013-11-09 18:05 - 2011-06-11 00:58 - 00421032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp100.dll
2013-11-09 18:03 - 2013-11-09 17:54 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Desk 365
2013-11-09 17:54 - 2012-01-06 10:02 - 00001032 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2013-11-09 17:54 - 2012-01-05 15:36 - 00001105 _____ C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Internet Explorer.lnk
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Program Files\Gophoto.it
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\FTDownloader.com
2013-11-09 17:53 - 2013-11-09 17:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Cool_Mirage
2013-11-09 17:12 - 2013-10-27 19:11 - 00000000 ____D C:\Program Files\Seznam.cz
2013-11-09 17:12 - 2013-01-13 18:21 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Sony Corporation
2013-11-09 17:09 - 2013-10-30 23:12 - 00000000 ____D C:\Program Files\Free PDF to Word Converter
2013-11-09 17:09 - 2013-10-30 22:53 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Kastner software
2013-11-09 16:57 - 2012-01-06 17:14 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
2013-11-09 16:56 - 2013-11-09 16:56 - 00000896 __RSH C:\Documents and Settings\Uživatel\ntuser.pol
2013-11-09 16:56 - 2013-11-09 16:56 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2013-11-09 16:56 - 2013-11-09 16:56 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\DefaultTab
2013-11-08 14:31 - 2012-10-03 18:35 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2013-11-08 14:31 - 2012-10-03 18:35 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Skype
2013-11-04 08:19 - 2013-11-04 08:19 - 00017920 _____ C:\Documents and Settings\Uživatel\Plocha\Export.xls
2013-11-04 08:14 - 2013-11-04 08:14 - 00070001 _____ C:\Documents and Settings\Uživatel\Plocha\Export.htm
2013-10-30 22:52 - 2013-10-30 22:52 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\KASTNER software
2013-10-30 19:01 - 2013-10-30 18:39 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\neg
2013-10-29 22:40 - 2013-10-29 22:40 - 00015313 _____ C:\Documents and Settings\Uživatel\Dokumenty\reklamacni-list[1].docm
2013-10-27 19:26 - 2012-01-07 10:56 - 00014846 _____ C:\WINDOWS\KB2510531-IE8.log
2013-10-27 19:26 - 2012-01-06 09:48 - 00249431 _____ C:\WINDOWS\updspapi.log
2013-10-27 19:26 - 2012-01-05 16:24 - 01557937 _____ C:\WINDOWS\iis6.log
2013-10-27 19:26 - 2012-01-05 16:24 - 01421273 _____ C:\WINDOWS\FaxSetup.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00688569 _____ C:\WINDOWS\ocgen.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00652447 _____ C:\WINDOWS\tsoc.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00487823 _____ C:\WINDOWS\comsetup.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00449134 _____ C:\WINDOWS\msmqinst.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00293261 _____ C:\WINDOWS\ntdtcsetup.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00249388 _____ C:\WINDOWS\netfxocm.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00100201 _____ C:\WINDOWS\MedCtrOC.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00088712 _____ C:\WINDOWS\ocmsn.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00072358 _____ C:\WINDOWS\tabletoc.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00071167 _____ C:\WINDOWS\msgsocm.log
2013-10-27 19:26 - 2012-01-05 16:24 - 00001393 _____ C:\WINDOWS\imsins.log
2013-10-27 19:15 - 2012-01-06 09:50 - 00141449 _____ C:\WINDOWS\spupdsvc.log
2013-10-27 19:15 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty\Obrázky
2013-10-27 19:15 - 2012-01-05 15:36 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty\Hudba
2013-10-27 19:14 - 2012-11-03 13:15 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2013-10-27 19:14 - 2012-01-06 10:27 - 00247190 _____ C:\WINDOWS\ie8_main.log
2013-10-27 19:14 - 2012-01-05 16:15 - 00000000 ____D C:\WINDOWS\Help
2013-10-27 19:13 - 2013-10-10 23:22 - 00047334 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-27 19:13 - 2013-08-15 19:09 - 00048719 _____ C:\WINDOWS\KB2862772-IE8.log
2013-10-27 19:13 - 2012-09-22 13:04 - 00053338 _____ C:\WINDOWS\KB2744842-IE8.log
2013-10-27 19:13 - 2012-01-07 11:02 - 00055937 _____ C:\WINDOWS\KB2618444-IE8.log
2013-10-27 19:13 - 2012-01-05 16:24 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-10-27 19:12 - 2013-10-27 19:12 - 00032388 _____ C:\WINDOWS\KB2598845-IE8.log
2013-10-27 19:12 - 2013-10-27 19:11 - 00041796 _____ C:\WINDOWS\KB982381-IE8.log
2013-10-27 19:12 - 2012-01-06 10:13 - 00000000 ___HD C:\WINDOWS\$hf_mig$
2013-10-27 19:11 - 2013-10-27 19:10 - 00000000 __HDC C:\WINDOWS\ie8
2013-10-27 19:11 - 2012-01-06 10:39 - 00099643 _____ C:\WINDOWS\ie8.log
2013-10-27 19:11 - 2012-01-05 16:15 - 00000000 ____D C:\WINDOWS\Media
2013-10-27 19:03 - 2013-10-27 19:02 - 00028656 _____ C:\WINDOWS\ie8Uninst.log
2013-10-27 19:03 - 2012-01-07 10:55 - 00000000 ____D C:\WINDOWS\ie8updates
2013-10-17 17:28 - 2012-01-21 17:14 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty\Filmy
2013-10-17 17:28 - 2012-01-05 15:29 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty\Filmy
2013-10-17 17:27 - 2012-10-28 12:32 - 00001698 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
2013-10-17 17:27 - 2012-10-28 12:32 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-17 17:27 - 2012-01-06 08:40 - 00001912 _____ C:\WINDOWS\epplauncher.mif
2013-10-15 18:25 - 2013-09-08 19:21 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha\so
2013-10-15 18:11 - 2012-04-14 17:44 - 00001739 _____ C:\Documents and Settings\All Users\Plocha\Sony PC Companion 2.1.lnk
2013-10-15 18:11 - 2012-01-05 15:53 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-15 18:11 - 2012-01-05 15:51 - 00892728 _____ C:\WINDOWS\DPINST.LOG
2013-10-14 16:59 - 2012-01-05 15:56 - 00000000 ____D C:\WINDOWS\Microsoft.NET

Files to move or delete:
====================
C:\Documents and Settings\Uživatel\Local Settings\Temp\mexe.com


Some content of TEMP:
====================
C:\Documents and Settings\Uživatel\Local Settings\Temp\6_Offer_4.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\AskSLib.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\avguidx.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\avxdisk.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdc.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdcore.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdfltlib.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdfltlib2k.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\bdupdateservice.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\CommonInstaller.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\DEVCON.EXE
C:\Documents and Settings\Uživatel\Local Settings\Temp\download.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\DownloadManager.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\drm_dyndata_7370014.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\drm_dyndata_7380009.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\drm_dyndata_7410004.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\eEmpty.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\encdec.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\esupdate.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\FSSync.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\Getvlist.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\hpzmsi01.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\hpzscr01.EXE
C:\Documents and Settings\Uživatel\Local Settings\Temp\htmlayout.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ICReinstall_ICReinstall_radarsync[1].exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ICReinstall_pdf2txt_setup15 - CHIP Downloader[1].exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ICReinstall_radarsync[1].exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\iGearedHelper.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ikave.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ipc.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\JFS.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\JSM.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\kave.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\kavvlg.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\KK.EXE
C:\Documents and Settings\Uživatel\Local Settings\Temp\liquid11189354.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\liquid8664609.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\LuckyLeap.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\MachineIdCreator.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\Medal of Honor_uninst.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvclnt.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvcp80.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvcr80.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvl64.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\msvlclnt.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\MWAVL.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\MWAVReg.EXE
C:\Documents and Settings\Uživatel\Local Settings\Temp\mwunzip.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\prLoader.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ptu12_tmp.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\red32.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\reload.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\scan.dll
C:\Documents and Settings\Uživatel\Local Settings\Temp\ScanningProcess.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\setpriv.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\SHSetup.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\test2.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\toolbar9284421.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ToolbarInstaller.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ubi14.tmp.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\ubi6C.tmp.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\UnityWebPlayer7807625750650097017.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\unregx.exe
C:\Documents and Settings\Uživatel\Local Settings\Temp\viewtcp.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-18 13:00] - [2008-04-14 08:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2004-08-18 13:00] - [2008-04-14 08:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2004-08-18 13:00] - [2008-04-14 08:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2004-08-18 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2004-08-18 13:00] - [2008-04-14 08:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2004-08-18 13:00] - [2008-04-14 08:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2004-08-18 13:00] - [2008-04-14 07:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119531
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu

#9 Příspěvek od Rudy »

Klikl jste na >Fix<? Tohle je normální log. Potřebuji ten log, co se vytvoří bezprostředně po fixnutí.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
dodohuhu
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 13 lis 2013 13:00

Re: Prosím o kontrolu logu

#10 Příspěvek od dodohuhu »

Rudy píše:Klikl jste na >Fix<? Tohle je normální log. Potřebuji ten log, co se vytvoří bezprostředně po fixnutí.

fixnout to nejde asi dělám něco špatně.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119531
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu

#11 Příspěvek od Rudy »

To asi jo. Přečtěte si důkladně návod: http://forum.viry.cz/viewtopic.php?f=24&t=132509 . Jinak nelze dál pokračovat.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
dodohuhu
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 13 lis 2013 13:00

Re: Prosím o kontrolu logu

#12 Příspěvek od dodohuhu »

Rudy píše:To asi jo. Přečtěte si důkladně návod: http://forum.viry.cz/viewtopic.php?f=24&t=132509 . Jinak nelze dál pokračovat.
nevím kde to je -Uložte uložte do adresáře, v němž je FRST jako fixlist.txt
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119531
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu

#13 Příspěvek od Rudy »

Uložte obojí na plochu. Jak FRST, tak fixlist.txt. Pak klikněte na >fix<. Mělo by to jít, pokud nemáte fixlist chybně uložen.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“