virus

Pavla V.
Visitor
Posts: 109
Joined: 30 Apr 2013 17:06

virus

#1 Post by Pavla V. »

Hello, thanks in advance for your help...
After a long while I ran an Avast scan and it found several viruses. I moved them to the chest, and they keep trying to load again. I'll gradually add logs from the other PCs in separate topics. This one is an older notebook for the kids; it also found something on my husband's, and I'm scanning mine now.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Martin a Paja_2 at 2013-11-05 15:42:06
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 5 GB (15%) free of 33 GB
Total RAM: 1525 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:42:36, on 5.11.2013
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Desk 365\desk365.exe
C:\Program Files\HandyUpdater\HandyUpdater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Martin a Paja_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MGHJNAYI\RSIT[1].exe
C:\Users\Martin a Paja_2\Desktop\Martin a Paja_2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1376767199
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.viry.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1376767199
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1376767199
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qvo6.com/web/?utm_source= ... 1376767199
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.qvo6.com/web/?utm_source= ... 1376767199
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [PoivY] "C:\Program Files\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Martin a Paja_2\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Martin a Paja_2\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Desk 365] "C:\Program Files\Desk 365\desk365.exe" /autorun
O4 - HKCU\..\Run: [Handy Updater] "C:\Program Files\HandyUpdater\HandyUpdater.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #1] C:\Windows\System32\conime.exe C:\Windows\system32\conime.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Application Restart #1] C:\Windows\System32\conime.exe C:\Windows\system32\conime.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {0A6112F2-F9D1-4FBF-A6EC-B67B22915873} (PhotoUploader Control) - http://foto.droxi.cz/snadno-vlozit-foto ... loader.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 1074874433
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/5 ... oader4.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Desk 365 service (desksvc) - 337 Technology Limited. - C:\Program Files\Desk 365\deskSvc.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8405 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AmiUpdXp.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-258634526-314634957-2598697488-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-258634526-314634957-2598697488-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-11 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-02-06 299008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-11 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-02-06 151552]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour"= []
"eRecoveryService"= []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PoivY"=C:\Program Files\PoivY.com\PoivY\PoivY.exe -nosplash -minimized []
"cz.seznam.software.autoupdate"=C:\Users\Martin a Paja_2\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Martin a Paja_2\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Desk 365"=C:\Program Files\Desk 365\desk365.exe [2013-08-17 979024]
"Handy Updater"=C:\Program Files\HandyUpdater\HandyUpdater.exe [2013-07-05 370176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe [2013-02-03 699400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
C:\Acer\AcerTour\Reminder.exe [2007-01-17 151552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-02-06 464168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDSMSNfix]
C:\Acer\Empowering Technology\eDSMSNfix.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2006-11-06 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2006-11-06 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-12-09 614400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2006-11-06 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PoivY]
C:\Program Files\PoivY.com\PoivY\PoivY.exe -nosplash -minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2007-03-01 4390912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-23 815104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2006-11-06 212992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f40c7b52-2960-11dd-8b65-0016d4d8e631}]
shell\AutoRun\command - G:\LaunchU3.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-11-05 11:52:56 ----D---- C:\Windows\system32\MRT

======List of files/folders modified in the last 1 months======

2013-11-05 15:42:29 ----D---- C:\Windows\Prefetch
2013-11-05 15:42:26 ----D---- C:\Windows\Temp
2013-11-05 15:42:10 ----D---- C:\Windows\inf
2013-11-05 15:26:44 ----D---- C:\Users\Martin a Paja_2\AppData\Roaming\Seznam.cz
2013-11-05 15:26:14 ----D---- C:\Windows\Panther
2013-11-05 15:26:14 ----D---- C:\Windows\ModemLogs
2013-11-05 15:26:10 ----D---- C:\Windows\Minidump
2013-11-05 15:26:10 ----D---- C:\Windows\Logs
2013-11-05 15:26:10 ----D---- C:\Windows\Debug
2013-11-05 15:26:10 ----D---- C:\Windows
2013-11-05 15:21:54 ----D---- C:\Users\Martin a Paja_2\AppData\Roaming\Desk 365
2013-11-05 15:04:51 ----D---- C:\Windows\System32
2013-11-05 15:04:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-05 15:02:34 ----D---- C:\Program Files\Desk 365
2013-11-05 11:52:00 ----SHD---- C:\System Volume Information
2013-11-03 09:17:33 ----SHD---- C:\Windows\Installer
2013-11-03 09:17:33 ----A---- C:\Windows\ODBC.INI
2013-10-27 05:58:34 ----D---- C:\ProgramData\eSafe
2013-10-23 04:50:59 ----D---- C:\Windows\system32\catroot2
2013-10-15 08:14:57 ----SHD---- C:\$RECYCLE.BIN
2013-10-15 08:14:20 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-28 770344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-28 369584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-03 20112]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2006-11-02 13560]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 8192]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 534016]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 EMSCR;EMSCR; C:\Windows\system32\DRIVERS\EMS7SK.sys [2006-10-25 62208]
R3 ESDCR;ESDCR; C:\Windows\system32\DRIVERS\ESD7SK.sys [2006-10-25 42240]
R3 ESMCR;ESMCR; C:\Windows\system32\DRIVERS\ESM7SK.sys [2006-10-25 76928]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-09 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-09 206848]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-06 1473024]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-01 1744928]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-05-01 6144]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-10-23 179896]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-09 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-06 1473024]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2008-04-16 22784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 desksvc;Desk 365 service; C:\Program Files\Desk 365\deskSvc.exe [2013-08-17 424016]
R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-02-06 457512]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-12-28 126976]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-01-31 53248]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-04-24 24576]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-02-26 29183504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-02-07 266343]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-01-02 135168]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-05 386560]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2006-12-22 24576]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: virus

#2 Post by vyosek »

Greetings :)

Download Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
  • Save it, preferably to the desktop
  • Close all programs
  • Run it the usual way, by double-clicking
  • A scan will run and then a log will appear, or it will be saved in the folder it was run from as sc-cleaner.txt; paste it here
Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch the license terms are displayed; press any key
  • A backup will be created, followed by a scan
  • A scan will run and then a log will appear, or it will be saved in c:\JRT as JRT.txt; paste it here
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear, or it will be saved as c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
"He who has wine and doesn't drink it, who has grapes and doesn't eat them, who has a wife and doesn't kiss her, who shuns merriment: take a whip and a stick to him, for that is no man, that is an ox."
Member [image] since 1 February 2011.

Pavla V.
Visitor
Posts: 109
Joined: 30 Apr 2013 17:06

Re: virus

#3 Post by Pavla V. »

Thanks, all done, except I accidentally deleted the sc-cleaner log :( so I'm posting the log from the second run, but that one probably doesn't tell you much, does it?

sc:
Shortcut Cleaner 1.2.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Windows Vista (TM) Home Basic Service Pack 1
Program started at: 11/05/2013 07:58:21 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Martin a Paja_2\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Martin a Paja_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\Martin a Paja_2\Desktop


0 bad shortcuts found.

Program finished at: 11/05/2013 07:58:22 PM
Execution time: 0 hours(s), 0 minute(s), and 1 seconds(s)


JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows Vista (TM) Home Basic x86
Ran by Martin a Paja_2 on út 05.11.2013 at 19:51:15,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\desk 365
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\desksvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\esafeseccontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\qvo6software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\desk 365
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wsyscontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7FCD32E3-E7FE-47F1-8577-6A015C9591BA}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}



~~~ Files

Successfully deleted: [File] "C:\Windows\System32\Tasks\desk 365 runasstduser"
Successfully deleted: [File] C:\Windows\Tasks\amiupdxp.job



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\esafe"
Successfully deleted: [Folder] "C:\Users\Martin a Paja_2\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Martin a Paja_2\AppData\Roaming\desk 365"
Successfully deleted: [Folder] "C:\Users\Martin a Paja_2\appdata\local\swvupdater"
Failed to delete: [Folder] "C:\Program Files\desk 365"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on út 05.11.2013 at 19:55:49,35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

adw
here it also just told me: Seznam desktop Exceptions: Error nr.5 - Přístup byl odepřen

# AdwCleaner v3.011 - Report created 05/11/2013 at 20:02:14
# Updated 03/11/2013 by Xplode
# Operating System : Windows Vista (TM) Home Basic Service Pack 1 (32 bits)
# Username : Martin a Paja_2 - BOBIK2
# Running from : C:\Users\Martin a Paja_2\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : desksvc

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365
Folder Deleted : C:\Program Files\Desk 365
Folder Deleted : C:\Program Files\Common Files\337
Folder Deleted : C:\Users\Martin a Paja\AppData\Roaming\Desk 365
Folder Deleted : C:\Users\Pájík\AppData\Roaming\Desk 365

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D9579AA-406C-44B3-B3C3-B2A813552339}
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Handy Updater]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\V9
Key Deleted : HKLM\Software\V9
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WsysControl

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.19088

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]

*************************

AdwCleaner[R0].txt - [2359 octets] - [05/11/2013 20:00:43]
AdwCleaner[S0].txt - [1948 octets] - [05/11/2013 20:02:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2008 octets] ##########

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: virus

#4 Post by vyosek »

Please post a log following this guide: http://forum.viry.cz/viewtopic.php?f=13&t=133100
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

Pavla V.
Visitor
Posts: 109
Joined: 30 Apr 2013 17:06

Re: virus

#5 Post by Pavla V. »

Here are the logs, thanks

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by Martin a Paja_2 (administrator) on BOBIK2 on 06-11-2013 10:26:48
Running from C:\Users\Martin a Paja_2\Desktop
Microsoft® Windows Vista™ Home Basic Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(HiTRSUT) C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
(Acer Inc.) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
(Acer Inc.) C:\Acer\Empowering Technology\eNet\eNet Service.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Acer\Mobility Center\MobilityService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
() C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
(acer) C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acer Tour] - [x]
HKLM\...\Run: [eRecoveryService] - [x]
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [39792 2008-10-15] (Adobe Systems Incorporated)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [PoivY] - "C:\Program Files\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Martin a Paja_2\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Martin a Paja_2\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
MountPoints2: {f40c7b52-2960-11dd-8b65-0016d4d8e631} - G:\LaunchU3.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Martin a Paja\...\Run: [Acer Tour Reminder] - C:\Acer\AcerTour\Reminder.exe [ 2007-01-17] (Acer Inc.)
HKU\Martin a Paja\...\Run: [PoivY] - "C:\Program Files\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized
HKU\Martin a Paja\...\Run: [Google Update] - C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe [ 2009-08-05] (Google Inc.)
HKU\Martin a Paja\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Martin a Paja\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [ 2012-12-19] ()
HKU\Martin a Paja\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Martin a Paja\AppData\Roaming\Seznam.cz\szninstall.exe [ 2012-09-13] ()
HKU\Martin a Paja\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe -update activex
HKU\Pájík\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Pájík\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [ 2013-04-12] ()
HKU\Pájík\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Pájík\AppData\Roaming\Seznam.cz\szninstall.exe [ 2013-05-16] ()
Startup: C:\Users\Martin a Paja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Pájík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.viry.cz/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0CD30B4F-D2FF-4893-B931-D14095785290} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKCU - {22A69644-D518-4627-A3B0-349EE88A780D} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {7BCB5AE8-9005-4E05-BA8A-2EBF1976F844} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKCU - {8989A32C-4C5A-4E4A-8AF7-6751223CDD25} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKCU - {A34DD514-371D-4740-8674-14F0D84195C4} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKCU - {B963C9DB-57B6-4EF5-8FB0-5AA23D6FB515} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKCU - {E910CA91-2673-45CE-BABB-6E0B527AB22B} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKCU - {FEB92EAC-2427-4412-B5E0-8F2C25100C20} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
DPF: {0A6112F2-F9D1-4FBF-A6EC-B67B22915873} http://foto.droxi.cz/snadno-vlozit-foto ... loader.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 1074874433
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://asp.photoprintit.de/microsite/5 ... oader4.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com/products/acrobat/nos/gp.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 81.90.240.1 81.90.240.2

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [457512 2007-02-06] (HiTRSUT)
R2 eLockService; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [24576 2006-12-22] (Acer Inc.)
R2 eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [126976 2006-12-28] (Acer Inc.)
R2 eRecoveryService; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [53248 2007-01-31] (Acer Inc.)
R2 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-04-24] ()
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [107008 2006-11-24] ()
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [266343 2007-02-07] ()
R2 WMIService; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [135168 2007-01-02] (acer)
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-06-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-06-28] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-06-28] ()
R1 DritekPortIO; C:\PROGRA~1\LAUNCH~1\DPortIO.sys [20112 2006-11-03] (Dritek System Inc.)
R3 EMSCR; C:\Windows\System32\DRIVERS\EMS7SK.sys [62208 2006-10-25] (ENE Technology Inc.)
R3 ESDCR; C:\Windows\System32\DRIVERS\ESD7SK.sys [42240 2006-10-25] (ENE Technology Inc.)
R3 ESMCR; C:\Windows\System32\DRIVERS\ESM7SK.sys [76928 2006-10-25] (ENE Technology Inc.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [192056 2008-01-19] (Společnost Microsoft)
R2 int15; C:\Acer\Empowering Technology\eRecovery\int15.sys [76584 2006-12-07] ()
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1081912 2008-01-19] (Společnost Microsoft)
R0 PSDFilter; C:\Windows\System32\DRIVERS\psdfilter.sys [20264 2007-02-06] (HiTRUST)
R0 PSDNServ; C:\Windows\System32\drivers\PSDNServ.sys [16680 2007-02-06] (HiTRUST)
R0 psdvdisk; C:\Windows\System32\drivers\psdvdisk.sys [60712 2007-02-06] (HiTRUST)
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B}; C:\Program Files\CyberLink\PowerDVD\000.fcl [13560 2006-11-02] (Cyberlink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-06 10:26 - 2013-11-06 10:26 - 00000000 ____D C:\FRST
2013-11-06 10:25 - 2013-11-06 10:25 - 01089445 _____ (Farbar) C:\Users\Martin a Paja_2\Desktop\FRST.exe
2013-11-06 10:25 - 2013-11-06 10:25 - 00112128 _____ (forum.viry.cz) C:\Users\Martin a Paja_2\Desktop\FRSTLauncher.exe
2013-11-05 20:06 - 2013-11-05 20:06 - 00002088 _____ C:\Users\Martin a Paja_2\Documents\AdwCleaner[S0].txt
2013-11-05 20:00 - 2013-11-05 20:02 - 00000000 ____D C:\AdwCleaner
2013-11-05 19:59 - 2013-11-05 19:55 - 00003901 _____ C:\JRT.txt
2013-11-05 19:57 - 2013-11-05 19:57 - 00003901 _____ C:\Users\Martin a Paja_2\Documents\JRT.txt
2013-11-05 19:51 - 2013-11-05 19:51 - 00000000 ____D C:\Windows\ERUNT
2013-11-05 19:49 - 2013-11-05 19:58 - 00001870 _____ C:\sc-cleaner.txt
2013-11-05 19:48 - 2013-11-05 19:48 - 01073258 _____ C:\Users\Martin a Paja_2\Desktop\adwcleaner.exe
2013-11-05 19:47 - 2013-11-05 19:47 - 01033335 _____ (Thisisu) C:\Users\Martin a Paja_2\Desktop\JRT.exe
2013-11-05 19:46 - 2013-11-05 19:46 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Martin a Paja_2\Desktop\sc-cleaner.exe
2013-11-05 19:40 - 2013-11-06 10:09 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-05 15:24 - 2013-11-05 15:24 - 00000786 _____ C:\Users\Martin a Paja_2\Desktop\CCleaner.lnk
2013-11-05 11:52 - 2013-11-05 11:55 - 00000000 ____D C:\Windows\system32\MRT
2013-11-02 11:13 - 2013-11-05 18:15 - 00011883 _____ C:\Users\Pájík\Documents\Sešit1.xlsx
2013-11-02 11:10 - 2013-11-02 11:10 - 00000000 ____D C:\Users\Pájík\Documents\Britannica_Content
2013-11-02 11:06 - 2013-11-02 11:06 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\Mozilla
2013-11-02 11:06 - 2013-11-02 11:06 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\Macromedia
2013-11-02 10:56 - 2013-11-02 10:56 - 00000000 ____D C:\Users\Pájík\Documents\Poznámkové bloky aplikace OneNote
2013-11-02 10:55 - 2013-11-03 09:25 - 00000000 ____D C:\Users\Pájík\AppData\Local\Microsoft Help
2013-11-02 10:29 - 2013-11-03 09:04 - 00003584 _____ C:\Users\Pájík\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-26 14:42 - 2013-10-26 14:42 - 05760054 _____ C:\Users\Pájík\Documents\04.bmp
2013-10-26 14:42 - 2013-10-26 14:42 - 05760054 _____ C:\Users\Pájík\Documents\03.bmp
2013-10-26 14:42 - 2013-10-26 14:42 - 05760054 _____ C:\Users\Pájík\Documents\02.bmp
2013-10-26 14:41 - 2013-10-26 14:41 - 05760054 _____ C:\Users\Pájík\Documents\07.bmp
2013-10-26 14:41 - 2013-10-26 14:41 - 05760054 _____ C:\Users\Pájík\Documents\06.bmp
2013-10-26 14:41 - 2013-10-26 14:41 - 05760054 _____ C:\Users\Pájík\Documents\004.bmp
2013-10-26 14:40 - 2013-10-26 14:40 - 05760054 _____ C:\Users\Pájík\Documents\10.bmp
2013-10-26 14:40 - 2013-10-26 14:40 - 05760054 _____ C:\Users\Pájík\Documents\09.bmp
2013-10-26 14:40 - 2013-10-26 14:40 - 05760054 _____ C:\Users\Pájík\Documents\003.bmp
2013-10-19 11:22 - 2013-10-19 11:22 - 00001730 _____ C:\Users\Pájík\Desktop\Windows Calendar.lnk
2013-10-19 11:02 - 2013-11-03 10:04 - 00208405 _____ C:\Users\Pájík\Documents\Prezentace1.pptx
2013-10-19 10:55 - 2013-10-19 10:55 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\XnView
2013-10-19 10:44 - 2013-10-19 10:44 - 11614518 _____ C:\Users\Pájík\Documents\IMG_6817.bmp
2013-10-19 10:44 - 2013-10-19 10:44 - 11614518 _____ C:\Users\Pájík\Documents\IMG_6799.bmp
2013-10-17 07:36 - 2013-10-17 07:36 - 11614518 _____ C:\Users\Pájík\Documents\IMG_6801.bmp
2013-10-17 07:35 - 2013-10-17 07:35 - 00196934 _____ C:\Users\Pájík\Documents\Clipboard04.bmp
2013-10-17 07:35 - 2013-10-17 07:35 - 00000000 ____D C:\Users\Pájík\AppData\Local\Apple
2013-10-16 16:19 - 2013-10-16 16:19 - 00000000 ____D C:\Users\Pájík\Documents\CyberLink
2013-10-16 16:19 - 2013-10-16 16:19 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2013-10-16 16:19 - 2013-10-16 16:19 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\CyberLink
2013-10-16 08:27 - 2013-10-20 06:49 - 02423558 _____ C:\Users\Pájík\Documents\Bez názvu.bmp
2013-10-16 08:27 - 2013-10-19 10:44 - 05350022 _____ C:\Users\Pájík\Documents\IMG_6773.bmp
2013-10-16 07:37 - 2013-10-26 14:34 - 02423558 _____ C:\Users\Pájík\Documents\Clipboard01.bmp
2013-10-15 09:03 - 2013-10-15 09:03 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\Google
2013-10-15 09:03 - 2013-10-15 09:03 - 00000000 ____D C:\Users\Pájík\AppData\Local\Google
2013-10-15 09:00 - 2013-10-15 09:00 - 00104184 _____ C:\Users\Pájík\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-15 08:45 - 2013-10-15 08:45 - 00000364 _____ C:\Users\Pájík\Desktop\Fotky.lnk
2013-10-15 08:32 - 2013-10-15 08:32 - 00001811 _____ C:\Users\Martin a Paja\Desktop\avast! Free Antivirus.lnk
2013-10-15 08:28 - 2013-10-15 08:28 - 00000678 _____ C:\Users\Pájík\Desktop\Dokumenty.lnk
2013-10-15 08:28 - 2013-10-15 08:28 - 00000673 _____ C:\Users\Pájík\Desktop\Obrázky.lnk
2013-10-15 08:23 - 2013-11-05 18:10 - 00002635 _____ C:\Users\Pájík\Desktop\Microsoft Office Word 2007.lnk
2013-10-15 08:23 - 2013-11-05 17:53 - 00002549 _____ C:\Users\Pájík\Desktop\Microsoft Office Excel 2007.lnk
2013-10-15 08:23 - 2013-11-03 09:30 - 00002553 _____ C:\Users\Pájík\Desktop\Microsoft Office PowerPoint 2007.lnk
2013-10-15 08:22 - 2013-10-15 08:22 - 00001637 _____ C:\Users\Pájík\Desktop\Paint.lnk
2013-10-15 08:22 - 2013-10-15 08:22 - 00001614 _____ C:\Users\Pájík\Desktop\Calculator.lnk
2013-10-15 08:22 - 2013-10-15 08:22 - 00001568 _____ C:\Users\Pájík\Desktop\XnView.lnk
2013-10-15 08:21 - 2013-10-15 08:21 - 00000739 _____ C:\Users\Pájík\Desktop\IrfanView 4.00.lnk
2013-10-15 08:20 - 2013-10-15 08:20 - 00001996 _____ C:\Users\Pájík\Desktop\Spustit aplikaci Google Earth.lnk
2013-10-15 08:15 - 2013-11-05 17:58 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\Seznam.cz
2013-10-15 08:15 - 2013-10-15 08:15 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\Apple Computer
2013-10-15 08:15 - 2013-10-15 08:15 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\Adobe
2013-10-15 08:14 - 2013-10-16 07:36 - 00000000 ____D C:\Users\Pájík\AppData\Local\VirtualStore
2013-10-15 08:14 - 2013-10-15 08:36 - 00000000 ____D C:\Users\Pájík
2013-10-15 08:14 - 2013-10-15 08:14 - 00000913 _____ C:\Users\Pájík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-15 08:14 - 2013-10-15 08:14 - 00000908 _____ C:\Users\Pájík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2013-10-15 08:14 - 2013-10-15 08:14 - 00000879 _____ C:\Users\Pájík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2013-10-15 08:14 - 2013-10-15 08:14 - 00000020 ___SH C:\Users\Pájík\ntuser.ini
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Šablony
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Soubory cookie
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Okolní tiskárny
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Okolní síť
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Nabídka Start
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Dokumenty
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Documents\Obrázky
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Documents\Hudba
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Documents\Filmy
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Data aplikací
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\AppData\Local\Historie
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\AppData\Local\Data aplikací
2013-10-15 08:14 - 2008-06-08 17:49 - 00000000 ___RD C:\Users\Pájík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-15 08:14 - 2008-06-08 17:49 - 00000000 ___RD C:\Users\Pájík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-12 10:53 - 2013-10-15 09:00 - 00042645 _____ C:\Users\Pájík\Documents\HALELUJA.pptx

==================== One Month Modified Files and Folders =======

2013-11-06 10:26 - 2013-11-06 10:26 - 00000000 ____D C:\FRST
2013-11-06 10:25 - 2013-11-06 10:25 - 01089445 _____ (Farbar) C:\Users\Martin a Paja_2\Desktop\FRST.exe
2013-11-06 10:25 - 2013-11-06 10:25 - 00112128 _____ (forum.viry.cz) C:\Users\Martin a Paja_2\Desktop\FRSTLauncher.exe
2013-11-06 10:23 - 2006-11-02 13:45 - 00003296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-06 10:23 - 2006-11-02 13:45 - 00003296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-06 10:09 - 2013-11-05 19:40 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-06 09:30 - 2009-08-05 21:15 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-258634526-314634957-2598697488-1003UA.job
2013-11-06 09:19 - 2007-06-26 05:00 - 01071179 _____ C:\Windows\WindowsUpdate.log
2013-11-05 20:10 - 2012-05-31 11:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-11-05 20:10 - 2012-05-31 11:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-11-05 20:09 - 2013-08-17 20:18 - 00000000 ____D C:\Users\Martin a Paja_2\AppData\Roaming\Seznam.cz
2013-11-05 20:06 - 2013-11-05 20:06 - 00002088 _____ C:\Users\Martin a Paja_2\Documents\AdwCleaner[S0].txt
2013-11-05 20:03 - 2006-11-02 13:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-05 20:02 - 2013-11-05 20:00 - 00000000 ____D C:\AdwCleaner
2013-11-05 20:02 - 2006-11-02 13:58 - 00032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-05 19:58 - 2013-11-05 19:49 - 00001870 _____ C:\sc-cleaner.txt
2013-11-05 19:57 - 2013-11-05 19:57 - 00003901 _____ C:\Users\Martin a Paja_2\Documents\JRT.txt
2013-11-05 19:55 - 2013-11-05 19:59 - 00003901 _____ C:\JRT.txt
2013-11-05 19:51 - 2013-11-05 19:51 - 00000000 ____D C:\Windows\ERUNT
2013-11-05 19:49 - 2009-02-05 13:01 - 00000815 _____ C:\Users\Martin a Paja_2\Desktop\Internet Explorer.lnk
2013-11-05 19:48 - 2013-11-05 19:48 - 01073258 _____ C:\Users\Martin a Paja_2\Desktop\adwcleaner.exe
2013-11-05 19:47 - 2013-11-05 19:47 - 01033335 _____ (Thisisu) C:\Users\Martin a Paja_2\Desktop\JRT.exe
2013-11-05 19:46 - 2013-11-05 19:46 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Martin a Paja_2\Desktop\sc-cleaner.exe
2013-11-05 18:15 - 2013-11-02 11:13 - 00011883 _____ C:\Users\Pájík\Documents\Sešit1.xlsx
2013-11-05 18:10 - 2013-10-15 08:23 - 00002635 _____ C:\Users\Pájík\Desktop\Microsoft Office Word 2007.lnk
2013-11-05 17:58 - 2013-10-15 08:15 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\Seznam.cz
2013-11-05 17:53 - 2013-10-15 08:23 - 00002549 _____ C:\Users\Pájík\Desktop\Microsoft Office Excel 2007.lnk
2013-11-05 15:45 - 2010-07-08 16:13 - 00000000 ____D C:\Dokumenty
2013-11-05 15:26 - 2008-05-01 23:27 - 00000000 ____D C:\Windows\Minidump
2013-11-05 15:26 - 2007-05-01 09:30 - 00000000 ____D C:\Windows\Panther
2013-11-05 15:24 - 2013-11-05 15:24 - 00000786 _____ C:\Users\Martin a Paja_2\Desktop\CCleaner.lnk
2013-11-05 15:05 - 2013-08-18 17:31 - 00000000 ____D C:\Users\Martin a Paja\AppData\Roaming\Seznam.cz
2013-11-05 15:04 - 2006-11-02 11:33 - 01525104 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-05 11:55 - 2013-11-05 11:52 - 00000000 ____D C:\Windows\system32\MRT
2013-11-03 10:04 - 2013-10-19 11:02 - 00208405 _____ C:\Users\Pájík\Documents\Prezentace1.pptx
2013-11-03 09:30 - 2013-10-15 08:23 - 00002553 _____ C:\Users\Pájík\Desktop\Microsoft Office PowerPoint 2007.lnk
2013-11-03 09:25 - 2013-11-02 10:55 - 00000000 ____D C:\Users\Pájík\AppData\Local\Microsoft Help
2013-11-03 09:17 - 2007-08-13 21:14 - 00000384 _____ C:\Windows\ODBC.INI
2013-11-03 09:04 - 2013-11-02 10:29 - 00003584 _____ C:\Users\Pájík\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-02 11:10 - 2013-11-02 11:10 - 00000000 ____D C:\Users\Pájík\Documents\Britannica_Content
2013-11-02 11:06 - 2013-11-02 11:06 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\Mozilla
2013-11-02 11:06 - 2013-11-02 11:06 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\Macromedia
2013-11-02 10:56 - 2013-11-02 10:56 - 00000000 ____D C:\Users\Pájík\Documents\Poznámkové bloky aplikace OneNote
2013-11-01 10:31 - 2013-05-02 16:12 - 00000954 _____ C:\Users\Public\Desktop\GOM Player.lnk
2013-11-01 10:31 - 2011-08-04 08:43 - 00000978 _____ C:\Users\Martin a Paja_2\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2013-10-28 18:30 - 2009-08-05 21:15 - 00000942 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-258634526-314634957-2598697488-1003Core.job
2013-10-26 14:42 - 2013-10-26 14:42 - 05760054 _____ C:\Users\Pájík\Documents\04.bmp
2013-10-26 14:42 - 2013-10-26 14:42 - 05760054 _____ C:\Users\Pájík\Documents\03.bmp
2013-10-26 14:42 - 2013-10-26 14:42 - 05760054 _____ C:\Users\Pájík\Documents\02.bmp
2013-10-26 14:41 - 2013-10-26 14:41 - 05760054 _____ C:\Users\Pájík\Documents\07.bmp
2013-10-26 14:41 - 2013-10-26 14:41 - 05760054 _____ C:\Users\Pájík\Documents\06.bmp
2013-10-26 14:41 - 2013-10-26 14:41 - 05760054 _____ C:\Users\Pájík\Documents\004.bmp
2013-10-26 14:40 - 2013-10-26 14:40 - 05760054 _____ C:\Users\Pájík\Documents\10.bmp
2013-10-26 14:40 - 2013-10-26 14:40 - 05760054 _____ C:\Users\Pájík\Documents\09.bmp
2013-10-26 14:40 - 2013-10-26 14:40 - 05760054 _____ C:\Users\Pájík\Documents\003.bmp
2013-10-26 14:34 - 2013-10-16 07:37 - 02423558 _____ C:\Users\Pájík\Documents\Clipboard01.bmp
2013-10-20 06:49 - 2013-10-16 08:27 - 02423558 _____ C:\Users\Pájík\Documents\Bez názvu.bmp
2013-10-19 11:22 - 2013-10-19 11:22 - 00001730 _____ C:\Users\Pájík\Desktop\Windows Calendar.lnk
2013-10-19 10:55 - 2013-10-19 10:55 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\XnView
2013-10-19 10:44 - 2013-10-19 10:44 - 11614518 _____ C:\Users\Pájík\Documents\IMG_6817.bmp
2013-10-19 10:44 - 2013-10-19 10:44 - 11614518 _____ C:\Users\Pájík\Documents\IMG_6799.bmp
2013-10-19 10:44 - 2013-10-16 08:27 - 05350022 _____ C:\Users\Pájík\Documents\IMG_6773.bmp
2013-10-17 09:42 - 2007-06-26 11:38 - 00030720 _____ C:\Users\Martin a Paja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-17 07:36 - 2013-10-17 07:36 - 11614518 _____ C:\Users\Pájík\Documents\IMG_6801.bmp
2013-10-17 07:35 - 2013-10-17 07:35 - 00196934 _____ C:\Users\Pájík\Documents\Clipboard04.bmp
2013-10-17 07:35 - 2013-10-17 07:35 - 00000000 ____D C:\Users\Pájík\AppData\Local\Apple
2013-10-16 16:19 - 2013-10-16 16:19 - 00000000 ____D C:\Users\Pájík\Documents\CyberLink
2013-10-16 16:19 - 2013-10-16 16:19 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2013-10-16 16:19 - 2013-10-16 16:19 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\CyberLink
2013-10-16 07:36 - 2013-10-15 08:14 - 00000000 ____D C:\Users\Pájík\AppData\Local\VirtualStore
2013-10-15 17:45 - 2009-08-05 21:16 - 00002086 _____ C:\Users\Martin a Paja\Desktop\Google Chrome.lnk
2013-10-15 09:03 - 2013-10-15 09:03 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\Google
2013-10-15 09:03 - 2013-10-15 09:03 - 00000000 ____D C:\Users\Pájík\AppData\Local\Google
2013-10-15 09:00 - 2013-10-15 09:00 - 00104184 _____ C:\Users\Pájík\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-15 09:00 - 2013-10-12 10:53 - 00042645 _____ C:\Users\Pájík\Documents\HALELUJA.pptx
2013-10-15 08:45 - 2013-10-15 08:45 - 00000364 _____ C:\Users\Pájík\Desktop\Fotky.lnk
2013-10-15 08:42 - 2009-01-29 22:12 - 00000000 ____D C:\Users\Martin a Paja\Documents\My Skype Content
2013-10-15 08:36 - 2013-10-15 08:14 - 00000000 ____D C:\Users\Pájík
2013-10-15 08:32 - 2013-10-15 08:32 - 00001811 _____ C:\Users\Martin a Paja\Desktop\avast! Free Antivirus.lnk
2013-10-15 08:28 - 2013-10-15 08:28 - 00000678 _____ C:\Users\Pájík\Desktop\Dokumenty.lnk
2013-10-15 08:28 - 2013-10-15 08:28 - 00000673 _____ C:\Users\Pájík\Desktop\Obrázky.lnk
2013-10-15 08:22 - 2013-10-15 08:22 - 00001637 _____ C:\Users\Pájík\Desktop\Paint.lnk
2013-10-15 08:22 - 2013-10-15 08:22 - 00001614 _____ C:\Users\Pájík\Desktop\Calculator.lnk
2013-10-15 08:22 - 2013-10-15 08:22 - 00001568 _____ C:\Users\Pájík\Desktop\XnView.lnk
2013-10-15 08:21 - 2013-10-15 08:21 - 00000739 _____ C:\Users\Pájík\Desktop\IrfanView 4.00.lnk
2013-10-15 08:20 - 2013-10-15 08:20 - 00001996 _____ C:\Users\Pájík\Desktop\Spustit aplikaci Google Earth.lnk
2013-10-15 08:15 - 2013-10-15 08:15 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\Apple Computer
2013-10-15 08:15 - 2013-10-15 08:15 - 00000000 ____D C:\Users\Pájík\AppData\Roaming\Adobe
2013-10-15 08:14 - 2013-10-15 08:14 - 00000913 _____ C:\Users\Pájík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-15 08:14 - 2013-10-15 08:14 - 00000908 _____ C:\Users\Pájík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2013-10-15 08:14 - 2013-10-15 08:14 - 00000879 _____ C:\Users\Pájík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2013-10-15 08:14 - 2013-10-15 08:14 - 00000020 ___SH C:\Users\Pájík\ntuser.ini
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Šablony
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Soubory cookie
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Okolní tiskárny
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Okolní síť
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Nabídka Start
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Dokumenty
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Documents\Obrázky
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Documents\Hudba
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Documents\Filmy
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\Data aplikací
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\AppData\Local\Historie
2013-10-15 08:14 - 2013-10-15 08:14 - 00000000 _SHDL C:\Users\Pájík\AppData\Local\Data aplikací
2013-10-15 08:10 - 2009-06-25 14:17 - 00002635 _____ C:\Users\Martin a Paja\Desktop\Word 2007.lnk
2013-10-15 08:10 - 2009-06-25 14:17 - 00002549 _____ C:\Users\Martin a Paja\Desktop\Excel 2007.lnk
2013-10-15 08:09 - 2009-06-25 14:17 - 00002553 _____ C:\Users\Martin a Paja\Desktop\PowerPoint 2007.lnk
2013-10-12 10:53 - 2013-10-06 15:27 - 00062938 _____ C:\Users\Pájík\Documents\Haleluja šabalabalabambam.pptx

Some content of TEMP:
====================
C:\Users\Martin a Paja_2\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-05 20:11

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-10-2013
Ran by Martin a Paja_2 at 2013-11-06 10:27:39
Running from C:\Users\Martin a Paja_2\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

AC3Filter 2.5b (Version: 2.5b)
Acer eDataSecurity Management (Version: 2.5.3032)
Acer eLock Management (Version: 2.5.3006)
Acer Empowering Technology (Version: 2.5.3005)
Acer eNet Management (Version: 2.6.3002)
Acer ePower Management (Version: 2.5.3007)
Acer ePresentation Management (Version: 2.5.3003)
Acer eSettings Management (Version: 2.5.3004)
Acer GridVista (Version: 2.61.102)
Acer Mobility Center Plug-In (Version: 1.0.3003)
Acer ScreenSaver (Version: 1.00.0000)
Acer Tour (Version: 1.1.3007)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader 8.1.3 (Version: 8.1.3)
Amazon MP3 Downloader 1.0.10
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
avast! Free Antivirus (Version: 8.0.1489.0)
CCleaner (Version: 4.01)
Centrum.cz - Skype 3.0 (Version: 3.0)
Davar3 (remove all files)
GDR 3068 for SQL Server Database Services 2005 ENU (KB948109) (Version: 9.2.3068)
GOM Player (Version: 2.2.53.5169)
Google Earth (Version: 4.2.198.2451)
GotClip Downloader
Handy Updater
HDAUDIO Soft Data Fax Modem with SmartCP
HijackThis 2.0.2 (Version: 2.0.2)
Intel(R) Graphics Media Accelerator Driver
IrfanView (remove only)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Launch Manager
LightScribe 1.4.136.1 (Version: 1.4.136.1)
Lizard Safeguard - PDF Viewer 2.5.125
Microsoft .NET Framework 3.5 Language Pack SP1 - csy (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Office 2003 Web Components (Version: 11.0.8003.0)
Microsoft Office Excel MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office FrontPage 2003 (Version: 11.0.8173.0)
Microsoft Office OneNote MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office PowerPoint MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Proof (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Slovak) 2007 (Version: 12.0.4518.1025)
Microsoft Office Proofing (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Shared MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Word MUI (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.2.3042.00)
Microsoft SQL Server Native Client (Version: 9.00.3042.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.3042.00)
Microsoft SQL Server VSS Writer (Version: 9.00.3042.00)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NTI Backup NOW! 4.7 (Version: 4)
NTI CD & DVD-Maker (Version: 7)
Patria Forex
PowerDVD (Version: 7.3.2729c.0)
QuickTime (Version: 7.73.80.64)
rajče beta53 sestavení 102
Realtek High Definition Audio Driver (Version: 6.0.1.5377)
Seznam Software
Skype Plugin Manager (Version: 1.0.151)
SMSC Fast Infrared Driver (Version: 1.00.0000)
Součásti připojení sady Microsoft Office Small Business (Version: 2.0.7024.0)
STORMWARE POHODA CZ Start (Version: 2009)
Synaptics Pointing Device Driver (Version: 9.0.3.0)
Total Commander (Remove or Repair)
Ultimate Reference Suite (Version: 2012.0.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Winamp Detector Plug-in (HKCU Version: 1.0.0.1)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
XnView 1.80.3 (Version: 1.80.3)
Zkušební verze produktu Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014)

==================== Restore Points =========================

06-11-2013 08:28:41 Naplánovaný kontrolní bod

==================== Hosts content: ==========================

2006-11-02 11:23 - 2013-01-18 21:47 - 00446180 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {18DFD9FC-082E-4E9B-8285-5F21D2B4EDAE} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {434F010C-F30E-4785-82CC-6679BDACE8B5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {5916F864-469C-4391-8604-E4EA141A2699} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {5B95AABC-69F3-42F1-818D-E8D6630E0715} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {62400C02-A7FD-4EA1-9607-821F41AF62CE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-258634526-314634957-2598697488-1003UA => C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe [2009-08-05] (Google Inc.)
Task: {62524787-B7A6-4F29-A573-9E3EAE3E7ABB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {78E80CCC-ADAD-452B-B934-415988AF0D36} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7A4EDB56-4F65-40DA-8B00-9F099A0043F0} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\System32\raserver.exe [2008-01-19] (Společnost Microsoft)
Task: {7D9579AA-406C-44B3-B3C3-B2A813552339} - \Desk 365 RunAsStdUser No Task File
Task: {8B0E6FAB-F43A-4988-AF0A-A21646C212F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {9ED703A9-5FFD-40D5-895A-4385EE1509DE} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {ACCF850A-AB0B-4B0F-887C-CA1A96C97EC7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-258634526-314634957-2598697488-1003Core => C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe [2009-08-05] (Google Inc.)
Task: {BD3CEC8E-EE34-4E32-99F2-148977C61154} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Pájík => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-19] (Microsoft Corporation)
Task: {C72FEFC4-2689-4618-B76B-7611CAEDAB70} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Martin a Paja_2 => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-19] (Microsoft Corporation)
Task: {D0D820FC-7C8A-4977-8417-E13EBBAF20A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-05] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-258634526-314634957-2598697488-1003Core.job => C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-258634526-314634957-2598697488-1003UA.job => C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2006-11-02 11:25 - 2006-11-06 02:05 - 00061440 _____ () C:\Windows\system32\igfxTMM.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/05/2013 08:09:45 PM) (Source: Application Hang) (User: )
Description: Program iexplore.exe verze 8.0.6001.19088 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID procesu: c
Čas zahájení: 01ceda5a34e87157
Čas ukončení: 140

Error: (11/05/2013 08:04:21 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/m ... stl.cabPři ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


System errors:
=============
Error: (11/05/2013 08:04:39 PM) (Source: LSM) (User: )
Description: Spuštění Terminálové služby se nezdařilo. Příslušný kód stavu je Konfigurační data pro tento produkt jsou poškozena. Obraťte se na pracovníky podpory.
.

Error: (11/05/2013 08:03:52 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-11-06 10:27:11.478
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-06 10:27:11.104
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-06 10:27:10.729
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-06 10:27:10.339
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-06 10:27:09.918
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-06 10:27:09.497
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-06 10:27:09.076
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-06 10:27:08.639
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-05 15:42:35.897
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-11-05 15:42:35.552
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 52%
Total physical RAM: 1525.38 MB
Available physical RAM: 722.93 MB
Total Pagefile: 3310.55 MB
Available Pagefile: 2353.67 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.14 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:32.52 GB) (Free:4.01 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:32.25 GB) (Free:5.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 75 GB) (Disk ID: 14B8C223)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=33 GB) - (Type=06)
Partition 3: (Not Active) - (Size=32 GB) - (Type=07 NTFS)

==================== End Of Log ============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: virus

#6 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [Acer Tour] - [x]
    HKLM\...\Run: [eRecoveryService] - [x]
    HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [39792 2008-10-15] (Adobe Systems Incorporated)
    HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
    HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
    HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
    HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
    HKCU\...\Run: [PoivY] - "C:\Program Files\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized
    HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Martin a Paja_2\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
    HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Martin a Paja_2\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
    MountPoints2: {f40c7b52-2960-11dd-8b65-0016d4d8e631} - G:\LaunchU3.exe
    HKU\Martin a Paja\...\Run: [PoivY] - "C:\Program Files\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized
    HKU\Martin a Paja\...\Run: [Google Update] - C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe [ 2009-08-05] (Google Inc.)
    HKU\Martin a Paja\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Martin a Paja\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [ 2012-12-19] ()
    HKU\Martin a Paja\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Martin a Paja\AppData\Roaming\Seznam.cz\szninstall.exe [ 2012-09-13] ()
    HKU\Martin a Paja\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe -update activex
    HKU\Pájík\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Pájík\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [ 2013-04-12] ()
    HKU\Pájík\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Pájík\AppData\Roaming\Seznam.cz\szninstall.exe [ 2013-05-16] ()
    Startup: C:\Users\Martin a Paja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
    Startup: C:\Users\Pájík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    SearchScopes: HKLM - DefaultScope value is missing.
    
    S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
    
    2013-11-06 10:25 - 2013-11-06 10:25 - 00112128 _____ (forum.viry.cz) C:\Users\Martin a Paja_2\Desktop\FRSTLauncher.exe
    2013-11-05 20:00 - 2013-11-05 20:02 - 00000000 ____D C:\AdwCleaner
    2013-11-05 19:59 - 2013-11-05 19:55 - 00003901 _____ C:\JRT.txt
    2013-11-05 19:57 - 2013-11-05 19:57 - 00003901 _____ C:\Users\Martin a Paja_2\Documents\JRT.txt
    13-11-05 19:49 - 2013-11-05 19:58 - 00001870 _____ C:\sc-cleaner.txt
    2013-11-05 19:48 - 2013-11-05 19:48 - 01073258 _____ C:\Users\Martin a Paja_2\Desktop\adwcleaner.exe
    2013-11-05 19:47 - 2013-11-05 19:47 - 01033335 _____ (Thisisu) C:\Users\Martin a Paja_2\Desktop\JRT.exe
    2013-11-05 19:46 - 2013-11-05 19:46 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Martin a Paja_2\Desktop\sc-cleaner.exe
    C:\Users\Martin a Paja_2\AppData\Local\Temp\Quarantine.exe
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-258634526-314634957-2598697488-1003Core.job => C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-258634526-314634957-2598697488-1003UA.job => C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe
    
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDSMSNfix" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PoivY" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp" /f
    
    Hosts:
    
    End
  • Save the resulting text file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

Pavla V.
Visitor
Posts: 109
Registered: 30 Apr 2013 17:06

Re: virus

#7 Post by Pavla V. »

Here is the log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 31-10-2013
Ran by Martin a Paja_2 at 2013-11-06 11:22:07 Run:1
Running from C:\Users\Martin a Paja_2\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [Acer Tour] - [x]
HKLM\...\Run: [eRecoveryService] - [x]
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [39792 2008-10-15] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [PoivY] - "C:\Program Files\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Martin a Paja_2\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Martin a Paja_2\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
MountPoints2: {f40c7b52-2960-11dd-8b65-0016d4d8e631} - G:\LaunchU3.exe
HKU\Martin a Paja\...\Run: [PoivY] - "C:\Program Files\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized
HKU\Martin a Paja\...\Run: [Google Update] - C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe [ 2009-08-05] (Google Inc.)
HKU\Martin a Paja\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Martin a Paja\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [ 2012-12-19] ()
HKU\Martin a Paja\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Martin a Paja\AppData\Roaming\Seznam.cz\szninstall.exe [ 2012-09-13] ()
HKU\Martin a Paja\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe -update activex
HKU\Pájík\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Pájík\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [ 2013-04-12] ()
HKU\Pájík\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Pájík\AppData\Roaming\Seznam.cz\szninstall.exe [ 2013-05-16] ()
Startup: C:\Users\Martin a Paja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
Startup: C:\Users\Pájík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.

S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]

2013-11-06 10:25 - 2013-11-06 10:25 - 00112128 _____ (forum.viry.cz) C:\Users\Martin a Paja_2\Desktop\FRSTLauncher.exe
2013-11-05 20:00 - 2013-11-05 20:02 - 00000000 ____D C:\AdwCleaner
2013-11-05 19:59 - 2013-11-05 19:55 - 00003901 _____ C:\JRT.txt
2013-11-05 19:57 - 2013-11-05 19:57 - 00003901 _____ C:\Users\Martin a Paja_2\Documents\JRT.txt
13-11-05 19:49 - 2013-11-05 19:58 - 00001870 _____ C:\sc-cleaner.txt
2013-11-05 19:48 - 2013-11-05 19:48 - 01073258 _____ C:\Users\Martin a Paja_2\Desktop\adwcleaner.exe
2013-11-05 19:47 - 2013-11-05 19:47 - 01033335 _____ (Thisisu) C:\Users\Martin a Paja_2\Desktop\JRT.exe
2013-11-05 19:46 - 2013-11-05 19:46 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Martin a Paja_2\Desktop\sc-cleaner.exe
C:\Users\Martin a Paja_2\AppData\Local\Temp\Quarantine.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-258634526-314634957-2598697488-1003Core.job => C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-258634526-314634957-2598697488-1003UA.job => C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDSMSNfix" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PoivY" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp" /f

Hosts:

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Acer Tour => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\eRecoveryService => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\APSDaemon => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\PoivY => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f40c7b52-2960-11dd-8b65-0016d4d8e631} => Key deleted successfully.
HKCR\CLSID\{f40c7b52-2960-11dd-8b65-0016d4d8e631} => Key not found.
HKU\Martin a Paja\Software\Microsoft\Windows\CurrentVersion\Run\\PoivY => Value deleted successfully.
HKU\Martin a Paja\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKU\Martin a Paja\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value deleted successfully.
HKU\Martin a Paja\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value deleted successfully.
HKU\Martin a Paja\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate => Value deleted successfully.
HKU\Pájík\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value deleted successfully.
HKU\Pájík\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value deleted successfully.
C:\Users\Martin a Paja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk => Moved successfully.
C:\Users\Pájík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
CLTNetCnService => Service deleted successfully.
C:\Users\Martin a Paja_2\Desktop\FRSTLauncher.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\JRT.txt => Moved successfully.
C:\Users\Martin a Paja_2\Documents\JRT.txt => Moved successfully.
C:\Users\Martin a Paja_2\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\Martin a Paja_2\Desktop\JRT.exe => Moved successfully.
C:\Users\Martin a Paja_2\Desktop\sc-cleaner.exe => Moved successfully.
C:\Users\Martin a Paja_2\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-258634526-314634957-2598697488-1003Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-258634526-314634957-2598697488-1003UA.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDSMSNfix" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PoivY" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: virus

#8 Post by vyosek »

How is the PC behaving? :???:

Pavla V.
Visitor
Posts: 109
Registered: 30 Apr 2013 17:06

Re: virus

#9 Post by Pavla V. »

The PC is behaving normally, I hope...

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: virus

#10 Post by vyosek »

So let's clean up as well :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix selected issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Pavla V.
Visitor
Posts: 109
Registered: 30 Apr 2013 17:06

Re: virus

#11 Post by Pavla V. »

Great, and thank you, Pája

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: virus

#12 Post by vyosek »

You're welcome, glad I could help :worship: See you again sometime

And in accordance with the Rule on locking topics :lock:

Locked