prosim o kontrolu logu, podozreni z keyloggeru nebo vir

[peter1973]

dobry den,
mam podozreni, ze mam v pc keylogger alebo vir.
prosim o kontrolu logu

moc dik
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:04:12, on 15. 1. 2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

FIREFOX: 19.0.2 (sk)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Emsisoft Anti-Malware\a2service.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyrix Personal Monitor\spm.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Spyrix Personal Monitor\spmm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Java\jre7\bin\javaws.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\WINDOWS\explorer.exe
X:\SUNSOFTW\prog\oasisw\winoasis.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Rayfilm\Rayfilm Labels\Labels.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Spravca\Dokumenty\Downloads\HijackThis (1).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [localSPM] C:\Program Files\Spyrix Personal Monitor\spm.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD5/JSCDL/jre/ ... 586-jc.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://www.yayindayiz.biz/yayin/ampx2.6.1.11_en_dl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{12FF6E78-8E1E-4747-BE36-43FD7E271FAA}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B3D99A8-41F5-49E2-9069-2898E64336F0}: NameServer = 192.168.1.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Emsisoft Protection Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files\Xerox Scan To PC Desktop 11\PaperPort12\PDFProFiltSrvPP.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 7545 bytes

[vyosek]

Zdravim

HJT je jiz nekolik let zcela nedostatecny

Dejte log z FRST (FRST.txt i Addition.txt) dle navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

Predpokladam ze na ESET mate radne zakoupenou licenci??

[peter1973]

ano, eset je OK


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2015
Ran by Spravca (administrator) on SERVER on 15-01-2015 10:14:16
Running from C:\Documents and Settings\Spravca\Plocha
Loaded Profiles: Spravca (Available profiles: Spravca & Spravca1 & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\Spyrix Personal Monitor\spmm.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaws.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\javaw.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(RAYFILM) C:\Program Files\Rayfilm\Rayfilm Labels\Labels.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16132608 2007-04-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [MSConfig] => C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [171008 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2014-10-01] (ESET)
HKLM\...\Run: [kbdsprt] => [X]
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKLM\...\Policies\Explorer\Run: [localSPM] => C:\Program Files\Spyrix Personal Monitor\spm.exe [2327552 2014-12-15] ( ())
HKU\S-1-5-21-2052111302-682003330-839522115-1003\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
BootExecute: autocheck autochk * BootDefrag.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2052111302-682003330-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2052111302-682003330-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-2052111302-682003330-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation)
Toolbar: HKU\S-1-5-21-2052111302-682003330-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-2052111302-682003330-839522115-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resourc ... oscan8.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://sdlc-esd.sun.com/ESD5/JSCDL/jre/ ... 586-jc.cab
DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} http://download.microsoft.com/download/ ... apicom.cab
DPF: {B49C4597-8721-4789-9250-315DFBD9F525} http://www.yayindayiz.biz/yayin/ampx2.6.1.11_en_dl.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [77824 2008-05-13] (SuperAdBlocker.com)
ShellExecuteHooks: - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - No File [ ]
Tcpip\..\Interfaces\{12FF6E78-8E1E-4747-BE36-43FD7E271FAA}: [NameServer] 192.168.1.1
Tcpip\..\Interfaces\{3B3D99A8-41F5-49E2-9069-2898E64336F0}: [NameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Spravca\Data aplikací\Mozilla\Firefox\Profiles\e08mhyim.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2052111302-682003330-839522115-1003: @www.flatcast.com/FlatViewer 5.2 -> C:\DOCUME~1\Spravca\DATAAP~1\Mozilla\Plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin HKU\S-1-5-21-2052111302-682003330-839522115-1003: vitzo.com/VDownloader -> C:\Program Files\VDownloader\Addons\npVDownloader.dll (Vitzo)
FF user.js: detected! => C:\Documents and Settings\Spravca\Data aplikací\Mozilla\Firefox\Profiles\e08mhyim.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Spravca\Data aplikací\mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-05-16]
FF HKLM\...\Firefox\Extensions: [support@vdownloader.com] - C:\Program Files\VDownloader\Addons\FireFox
FF Extension: VDownloader - C:\Program Files\VDownloader\Addons\FireFox [2014-05-16]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-06]
CHR Extension: (Disk Google) - C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-06]
CHR Extension: (YouTube) - C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-06]
CHR Extension: (Hľadať v Google) - C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-06]
CHR Extension: (Peňaženka Google) - C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-06]
CHR Extension: (Gmail) - C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-06]
CHR HKLM\...\Chrome\Extension: [eoccbpoodnckjdnackiffhjfkogfhnhh] - C:\Program Files\VDownloader\Addons\Chrome.crx [2014-05-16]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4920104 2014-12-31] (Emsisoft GmbH)
S4 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
S3 Crypkey License; C:\WINDOWS\system32\crypserv.exe [66048 1998-10-13] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2014-10-01] (ESET)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S4 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [1550896 2007-05-15] (Nero AG)
S3 PDFProFiltSrvPP; C:\Program Files\Xerox Scan To PC Desktop 11\PaperPort12\PDFProFiltSrvPP.exe [145256 2011-09-12] (Nuance Communications, Inc.)
S4 PrintSuperVision Engine; C:\Program Files\PrintSuperVision\www\bin\PSVEngine.exe [40960 2009-07-29] (Oki Data Americas, Inc.) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{AF0C42EF-A4E2-4F14-A101-92D83133FA14}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [58200 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [38248 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [18552 2014-05-12] (Emsisoft GmbH)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2006-07-01] (Advanced Micro Devices)
R0 BootDefragDriver; C:\WINDOWS\System32\drivers\BootDefragDriver.sys [14784 2014-06-16] (Glarysoft Ltd)
R3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH)
R3 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [191928 2014-10-10] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [135296 2014-10-10] (ESET)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [176448 2014-10-10] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [39464 2014-10-10] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [63160 2014-10-10] (ESET)
R0 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [17088 2014-06-28] (Glarysoft Ltd)
R4 InCDfs; C:\WINDOWS\System32\drivers\InCDFs.sys [118576 2007-05-15] (Nero AG)
R1 InCDPass; C:\WINDOWS\System32\drivers\InCDPass.sys [37040 2007-05-15] (Nero AG)
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [16304 2007-05-15] (Nero AG)
R1 incdrm; C:\WINDOWS\System32\drivers\InCDRm.sys [38576 2007-05-15] (Nero AG)
S3 mf; C:\WINDOWS\System32\DRIVERS\mf.sys [63744 2008-04-13] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R1 NetworkX; C:\WINDOWS\system32\ckldrv.sys [24000 1998-10-13] () [File not signed]
S1 NmPar; C:\WINDOWS\System32\DRIVERS\NmPar.sys [76416 2006-10-11] (Windows (R) 2000 DDK provider) [File not signed]
S1 nmserial; C:\WINDOWS\System32\DRIVERS\nmserial.sys [60032 2006-10-12] (Windows (R) 2000 DDK provider) [File not signed]
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R2 Opaplpt; C:\WINDOWS\system32\Drivers\Opaplpt.sys [36896 2005-11-15] (Oki Data Corporation) [File not signed]
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12872 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67656 2010-05-10] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [5120 2010-02-12] (Samsung Electronics) [File not signed]
R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5504 2012-06-03] () [File not signed]
S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [X]
U1 eamon; system32\DRIVERS\eamon.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 10:14 - 2015-01-15 10:14 - 00016657 _____ () C:\Documents and Settings\Spravca\Plocha\FRST.txt
2015-01-15 10:14 - 2015-01-15 10:14 - 00000000 ____D () C:\FRST
2015-01-15 10:13 - 2015-01-15 10:13 - 01116672 _____ (Farbar) C:\Documents and Settings\Spravca\Plocha\FRST.exe
2015-01-15 10:04 - 2015-01-15 10:04 - 00007546 _____ () C:\spyrix_.txt
2015-01-14 12:55 - 2015-01-14 12:55 - 00000970 _____ () C:\Documents and Settings\All Users\Plocha\Ashampoo Burning Studio 6 FREE.lnk
2015-01-14 12:55 - 2015-01-14 12:55 - 00000249 _____ () C:\Documents and Settings\All Users\Plocha\Your Software Deals.url
2015-01-14 12:55 - 2015-01-14 12:55 - 00000000 ____D () C:\Program Files\Ashampoo
2015-01-14 12:55 - 2015-01-14 12:55 - 00000000 ____D () C:\Documents and Settings\Spravca\Local Settings\Data aplikací\ashampoo
2015-01-14 12:55 - 2015-01-14 12:55 - 00000000 ____D () C:\Documents and Settings\Spravca\Data aplikací\Ashampoo
2015-01-14 12:55 - 2015-01-14 12:55 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Ashampoo
2015-01-14 12:55 - 2015-01-14 12:55 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Ashampoo
2015-01-13 20:45 - 2015-01-13 20:45 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER\Data aplikací\Sun
2015-01-13 20:26 - 2015-01-13 20:26 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER\Dokumenty\Simply Super Software
2015-01-13 15:58 - 2015-01-13 15:58 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Emsisoft
2015-01-13 12:14 - 2015-01-13 12:14 - 00000766 _____ () C:\Documents and Settings\All Users\Plocha\Emsisoft Anti-Malware.lnk
2015-01-13 12:14 - 2015-01-13 12:14 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Emsisoft Anti-Malware
2015-01-13 12:12 - 2015-01-15 09:46 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2015-01-13 12:00 - 2015-01-13 12:00 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Licenses
2015-01-12 20:56 - 2015-01-12 20:56 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER\Local Settings\Data aplikací\GHISLER
2015-01-12 16:24 - 2015-01-12 18:01 - 07736320 _____ () C:\Documents and Settings\Spravca\Dokumenty\semena_2015_jedn_cena.xls
2015-01-12 16:24 - 2015-01-12 16:24 - 00885887 _____ () C:\semena_2015_jedn_cena.xls
2015-01-12 16:10 - 2015-01-12 16:10 - 00039413 _____ () C:\sem2015.xls
2015-01-12 15:04 - 2015-01-12 15:44 - 00062976 _____ () C:\Documents and Settings\Spravca\Dokumenty\semena_2015_jednitkova_cena.xls
2015-01-12 15:02 - 2015-01-12 16:09 - 00039413 _____ () C:\semena.xls
2015-01-12 14:24 - 2015-01-12 18:01 - 00131584 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_bref_tripack.xls
2015-01-11 20:06 - 2015-01-11 20:06 - 00000750 _____ () C:\WINDOWS\system32\runkey.lnk
2015-01-11 20:06 - 2015-01-11 20:06 - 00000000 ___HD () C:\Program Files\Spyrix Personal Monitor
2015-01-11 20:06 - 2015-01-11 20:06 - 00000000 ___HD () C:\Documents and Settings\All Users\Data aplikací\Spyrix Personal Monitor
2015-01-11 20:05 - 2015-01-11 20:05 - 00005126 _____ () C:\WINDOWS\setupapi.log
2015-01-11 20:04 - 2015-01-11 20:04 - 00000803 _____ () C:\Documents and Settings\Administrator.SERVER\Nabídka Start\Programy\Internet Explorer.lnk
2015-01-11 20:04 - 2015-01-11 20:04 - 00000738 _____ () C:\Documents and Settings\Administrator.SERVER\Nabídka Start\Programy\Outlook Express.lnk
2015-01-11 20:04 - 2015-01-11 20:04 - 00000394 _____ () C:\WINDOWS\wmsetup.log
2015-01-11 20:04 - 2015-01-11 20:04 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER\Local Settings\Data aplikací\Google
2015-01-11 20:04 - 2015-01-11 20:04 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER\Local Settings\Data aplikací\ESET
2015-01-11 20:04 - 2015-01-11 20:04 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER\Data aplikací\ESET
2015-01-11 20:03 - 2015-01-14 07:18 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER\Local Settings\temp
2015-01-11 20:03 - 2015-01-13 21:18 - 00000178 ___SH () C:\Documents and Settings\Administrator.SERVER\ntuser.ini
2015-01-11 20:03 - 2015-01-13 20:45 - 00000000 __RHD () C:\Documents and Settings\Administrator.SERVER\Data aplikací
2015-01-11 20:03 - 2015-01-12 20:57 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER\Plocha
2015-01-11 20:03 - 2015-01-11 20:04 - 00000792 _____ () C:\Documents and Settings\Administrator.SERVER\Nabídka Start\Programy\Windows Media Player.lnk
2015-01-11 20:03 - 2015-01-11 20:04 - 00000000 ___RD () C:\Documents and Settings\Administrator.SERVER\Oblíbené položky
2015-01-11 20:03 - 2015-01-11 20:04 - 00000000 ___RD () C:\Documents and Settings\Administrator.SERVER\Nabídka Start\Programy\Příslušenství
2015-01-11 20:03 - 2015-01-11 20:04 - 00000000 ___RD () C:\Documents and Settings\Administrator.SERVER\Nabídka Start\Programy
2015-01-11 20:03 - 2015-01-11 20:04 - 00000000 ___RD () C:\Documents and Settings\Administrator.SERVER\Dokumenty\Obrázky
2015-01-11 20:03 - 2015-01-11 20:04 - 00000000 ___RD () C:\Documents and Settings\Administrator.SERVER\Dokumenty\Hudba
2015-01-11 20:03 - 2015-01-11 20:04 - 00000000 ___RD () C:\Documents and Settings\Administrator.SERVER\Dokumenty
2015-01-11 20:03 - 2015-01-11 20:04 - 00000000 ___HD () C:\Documents and Settings\Administrator.SERVER\Local Settings\Data aplikací
2015-01-11 20:03 - 2015-01-11 20:03 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER
2015-01-11 20:03 - 2014-05-16 10:42 - 00000000 __SHD () C:\Documents and Settings\Administrator.SERVER\IETldCache
2015-01-11 20:03 - 2014-05-16 10:42 - 00000000 ___RD () C:\Documents and Settings\Administrator.SERVER\Nabídka Start\Programy\Po spuštění
2015-01-11 20:03 - 2014-05-16 10:42 - 00000000 ___RD () C:\Documents and Settings\Administrator.SERVER\Nabídka Start
2015-01-11 20:03 - 2014-05-16 10:42 - 00000000 ___HD () C:\Documents and Settings\Administrator.SERVER\Šablony
2015-01-11 20:03 - 2014-05-16 10:42 - 00000000 ___HD () C:\Documents and Settings\Administrator.SERVER\Okolní tiskárny
2015-01-11 20:03 - 2014-05-16 10:42 - 00000000 ___HD () C:\Documents and Settings\Administrator.SERVER\Okolní síť
2015-01-11 20:03 - 2009-09-12 09:41 - 00001604 _____ () C:\Documents and Settings\Administrator.SERVER\Nabídka Start\Programy\Vzdálená pomoc.lnk
2015-01-07 07:11 - 2015-01-07 07:11 - 00487672 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-06 14:57 - 2015-01-06 19:05 - 00239104 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_domestos _attax.xls
2015-01-06 14:20 - 2015-01-06 19:05 - 00246272 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_bref_za_1.xls
2015-01-05 17:49 - 2015-01-05 17:52 - 00143872 _____ () C:\Documents and Settings\Spravca\Dokumenty\bez_k.xls
2015-01-02 15:20 - 2015-01-02 15:58 - 00338944 _____ () C:\Documents and Settings\Spravca\Dokumenty\vysvetlivky.xls
2015-01-02 15:13 - 2015-01-02 15:58 - 00872448 _____ () C:\Documents and Settings\Spravca\Dokumenty\pf_2015.xls
2015-01-02 07:43 - 2015-01-02 07:43 - 00000000 ____D () C:\Documents and Settings\Spravca1\Data aplikací\Sun
2015-01-02 07:37 - 2015-01-02 07:37 - 00000000 ____D () C:\Documents and Settings\Spravca1\Local Settings\Data aplikací\Google
2014-12-31 10:08 - 2014-12-31 13:18 - 00560128 _____ () C:\Documents and Settings\Spravca\Dokumenty\pf_od_stryca.xls
2014-12-31 07:16 - 2015-01-15 07:25 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2014-12-31 07:15 - 2015-01-15 07:24 - 00000051 _____ () C:\WINDOWS\wiaservc.log
2014-12-31 07:15 - 2015-01-15 07:23 - 00004562 _____ () C:\WINDOWS\SchedLgU.Txt
2014-12-31 07:15 - 2014-12-31 07:15 - 00000000 ____N () C:\WINDOWS\Sti_Trace.log
2014-12-30 20:20 - 2014-12-31 13:18 - 05295104 _____ () C:\Documents and Settings\Spravca\Dokumenty\sackova_1pf.xls
2014-12-30 19:15 - 2014-12-30 20:09 - 05430272 _____ () C:\Documents and Settings\Spravca\Dokumenty\sackova.xls
2014-12-30 17:58 - 2014-12-30 18:00 - 01501696 _____ () C:\Documents and Settings\Spravca\Dokumenty\austria.xls
2014-12-30 16:39 - 2014-12-30 16:39 - 07510829 _____ () C:\Documents and Settings\Spravca\Dokumenty\f_orig.mp4
2014-12-30 16:32 - 2014-12-30 16:32 - 05351789 _____ () C:\Documents and Settings\Spravca\Dokumenty\f_kr.mp4
2014-12-30 11:08 - 2014-12-30 11:08 - 00061952 _____ () C:\Documents and Settings\Spravca\Dokumenty\polmak_2015 (1).xls
2014-12-29 13:17 - 2014-12-29 17:40 - 194742784 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_cistiace_kupelna_kuchyna_nova_2014.xls
2014-12-24 09:48 - 2014-12-24 18:56 - 00067072 _____ () C:\Documents and Settings\Spravca\Dokumenty\polmak_2015.xls
2014-12-23 11:53 - 2014-12-23 21:49 - 04530176 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_otvaracie_hodiny_brana.xls
2014-12-19 12:32 - 2014-12-19 12:32 - 00375296 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_metla_cirokova_2_trieda.xls
2014-12-18 21:40 - 2014-12-18 21:40 - 00993280 _____ () C:\Documents and Settings\Spravca\Dokumenty\pani_erika.xls
2014-12-18 21:38 - 2015-01-14 17:16 - 81140224 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_zeminy_2015.xls
2014-12-18 17:45 - 2014-12-18 21:40 - 37335040 _____ () C:\Documents and Settings\Spravca\Dokumenty\prehlad_zemin_substratov_ vsetky_obj.xls
2014-12-18 09:27 - 2014-12-18 16:04 - 37317120 _____ () C:\Documents and Settings\Spravca\Dokumenty\prehlad_zemin_vsetky.xls
2014-12-16 16:10 - 2014-12-16 16:13 - 00849920 _____ () C:\Documents and Settings\Spravca\Dokumenty\obaly_manes.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 10:15 - 2014-05-16 11:13 - 00000000 ____D () C:\Documents and Settings\Spravca\Local Settings\temp
2015-01-15 10:14 - 2014-05-16 11:13 - 00000000 ____D () C:\Documents and Settings\Spravca\Plocha
2015-01-15 10:13 - 2014-05-16 10:43 - 00000000 ____D () C:\Documents and Settings\Spravca\Data aplikací\IObit
2015-01-15 09:36 - 2014-05-16 11:14 - 00000000 ____D () C:\ETIKEY_RAYFILM
2015-01-15 07:42 - 2014-05-16 12:05 - 01841871 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-15 07:25 - 2008-04-14 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-15 07:24 - 2014-05-16 12:04 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-15 07:23 - 2014-05-16 12:01 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2015-01-15 07:23 - 2014-05-16 11:13 - 00000178 ___SH () C:\Documents and Settings\Spravca\ntuser.ini
2015-01-15 06:44 - 2014-05-16 10:41 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2015-01-15 06:41 - 2014-05-16 10:43 - 00000339 __RSH () C:\boot.ini
2015-01-15 06:41 - 2008-04-14 13:00 - 00000589 _____ () C:\WINDOWS\win.ini
2015-01-15 06:41 - 2008-04-14 13:00 - 00000246 _____ () C:\WINDOWS\system.ini
2015-01-14 18:23 - 2014-05-16 11:13 - 00000000 ____D () C:\ETIKETY
2015-01-14 18:00 - 2014-05-16 12:04 - 00083574 _____ () C:\WINDOWS\system32\vfp9rerr.log
2015-01-14 17:16 - 2014-05-16 10:47 - 00000000 ___RD () C:\Documents and Settings\Spravca\Dokumenty
2015-01-14 12:55 - 2014-05-16 11:10 - 00000000 ___HD () C:\Documents and Settings\Spravca\Local Settings\Data aplikací
2015-01-14 12:55 - 2014-05-16 10:43 - 00000000 __RHD () C:\Documents and Settings\Spravca\Data aplikací
2015-01-14 12:55 - 2014-05-16 10:42 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-01-14 12:55 - 2014-05-16 10:42 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-01-14 12:55 - 2014-05-16 10:41 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-01-13 20:30 - 2014-05-16 12:05 - 00002042 _____ () C:\WINDOWS\wincmd.ini
2015-01-13 12:00 - 2014-05-16 10:41 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\TEMP
2015-01-13 11:46 - 2014-05-16 11:08 - 322432512 _____ () C:\Documents and Settings\Spravca\Dokumenty\cenovka_color_mala_1_DPH.xls
2015-01-12 13:23 - 2014-05-16 11:08 - 06074368 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_semena_cen_skupiny.xls
2015-01-09 16:52 - 2014-05-16 12:05 - 00000031 _____ () C:\WINDOWS\MCDB.ini
2015-01-06 19:10 - 2014-05-16 10:42 - 00000000 ____D () C:\Documents and Settings\Spravca
2015-01-06 19:05 - 2014-05-16 11:09 - 00888320 _____ () C:\Documents and Settings\Spravca\Dokumenty\marza_2011_01.XLS
2015-01-06 19:05 - 2014-05-16 10:43 - 00000000 ____D () C:\Documents and Settings\Spravca\.gimp-2.6
2015-01-06 14:45 - 2014-05-16 11:09 - 00239616 _____ () C:\Documents and Settings\Spravca\Dokumenty\Sešit2.xls
2015-01-02 13:37 - 2014-05-16 11:13 - 00000178 ___SH () C:\Documents and Settings\Spravca1\ntuser.ini
2015-01-02 07:43 - 2014-05-16 11:13 - 00000000 __RHD () C:\Documents and Settings\Spravca1\Data aplikací
2015-01-02 07:43 - 2014-05-16 11:13 - 00000000 ____D () C:\Documents and Settings\Spravca1\Local Settings\temp
2015-01-02 07:37 - 2014-05-16 11:13 - 00000000 ___HD () C:\Documents and Settings\Spravca1\Local Settings\Data aplikací
2015-01-02 07:36 - 2014-06-28 10:06 - 00000000 ____D () C:\Documents and Settings\Spravca\Data aplikací\DiskDefrag
2014-12-31 10:33 - 2014-05-16 11:33 - 00000000 ____D () C:\sunsoftw
2014-12-31 10:18 - 2014-05-16 10:47 - 00000000 ____D () C:\Documents and Settings\Spravca\Data aplikací\vlc
2014-12-30 20:07 - 2014-05-16 10:43 - 00000000 ____D () C:\Documents and Settings\Spravca\Data aplikací\gtk-2.0
2014-12-29 12:10 - 2014-05-16 11:10 - 00000000 ____D () C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Deployment
2014-12-24 18:40 - 2014-05-16 10:47 - 00000000 ____D () C:\Documents and Settings\Spravca\Data aplikací\XnView
2014-12-24 16:16 - 2014-05-16 11:17 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-24 16:16 - 2014-05-16 11:13 - 00000000 ____D () C:\Documents and Settings\Spravca\Nabídka Start\Programy\CCleaner
2014-12-24 16:16 - 2014-05-16 10:42 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2014-12-24 16:15 - 2014-05-16 10:42 - 00000682 _____ () C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2014-12-23 09:42 - 2014-05-16 11:07 - 18786304 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_hnojiva_na_dreveny_regal.xls
2014-12-18 18:00 - 2014-12-11 18:16 - 07336960 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_toal_papier_bianka.xls
2014-12-18 09:24 - 2014-05-16 11:09 - 37324288 _____ () C:\Documents and Settings\Spravca\Dokumenty\prehlad_2012_zeminy_raselina_kera_forestina_SESTAk.xls
2014-12-17 18:49 - 2014-05-16 11:06 - 01374720 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_cenovka_miska_konex.xls

Some content of TEMP:
====================
C:\Documents and Settings\Spravca\Local Settings\temp\jre-7u71-windows-i586-iftw.exe
C:\Documents and Settings\Spravca1\Local Settings\temp\jre-7u71-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

[JaRon]

ospravedlnujem sa kolegovi za vstup - ale z principu nemam rad KL
odstran C:\Program Files\Spyrix Personal Monitor a mozes pokojne pokracovat s kolegom v docisteni

[peter1973]

dal som uninstall

C:\Program Files\Spyrix Personal Monitor

[JaRon]

dobre
http://www.stahuj.centrum.cz/utility_a_ ... l-monitor/

[vyosek]

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[peter1973]

# AdwCleaner v4.107 - Report created 15/01/2015 at 10:59:36
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Spravca - SERVER
# Running from : C:\Documents and Settings\Spravca\Plocha\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Crypkey License

***** [ Files / Folders ] *****

File Deleted : C:\WINDOWS\system32\Crypserv.exe
File Deleted : C:\Documents and Settings\Spravca\Data aplikací\Mozilla\Firefox\Profiles\e08mhyim.default\user.js
File Deleted : C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v19.0.2 (sk)


-\\ Google Chrome v36.0.1985.143

[C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
[C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
[C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://supertoolbar.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=crm&q={searchTerms}&locale=en_EU

*************************

AdwCleaner[R0].txt - [2694 octets] - [15/01/2015 10:55:55]
AdwCleaner[S0].txt - [2649 octets] - [15/01/2015 10:59:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2709 octets] ##########

[vyosek]

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[peter1973]

Zoek.exe v5.0.0.0 Updated 14-01-2015
Tool run by Spravca on çt 15. 01. 2015 at 11:17:12,89.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Spravca\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

15. 1. 2015 11:18:42 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Suspicious Entries Found ======================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
"3389:TCP"="3389:TCP:*:Enabled:Remote Desktop"
"65533:TCP"="65533:TCP:*:Enabled:Services"
"52344:TCP"="52344:TCP:*:Enabled:Services"
"4085:TCP"="4085:TCP:*:Enabled:Services"
"6670:TCP"="6670:TCP:*:Enabled:Services"
"5743:TCP"="5743:TCP:*:Enabled:Services"
"9986:TCP"="9986:TCP:*:Enabled:Services"
"9349:TCP"="9349:TCP:*:Enabled:Services"
"9755:TCP"="9755:TCP:*:Enabled:Services"
"2537:TCP"="2537:TCP:*:Enabled:Services"
"9364:TCP"="9364:TCP:*:Enabled:Services"
"2068:TCP"="2068:TCP:*:Enabled:Services"
"4631:TCP"="4631:TCP:*:Enabled:Services"
"8223:TCP"="8223:TCP:*:Enabled:Services"
"4632:TCP"="4632:TCP:*:Enabled:Services"
"8473:TCP"="8473:TCP:*:Enabled:Services"
"6490:TCP"="6490:TCP:*:Enabled:Services"
"7052:TCP"="7052:TCP:*:Enabled:Services"
"9348:TCP"="9348:TCP:*:Enabled:Services"
"7271:TCP"="7271:TCP:*:Enabled:Services"
"9381:TCP"="9381:TCP:*:Enabled:Services"
"6506:TCP"="6506:TCP:*:Enabled:Services"
"8365:TCP"="8365:TCP:*:Enabled:Services"
"6271:TCP"="6271:TCP:*:Enabled:Services"
"6881:TCP"="6881:TCP:*:Enabled:Services"
"9787:TCP"="9787:TCP:*:Enabled:Services"
"4584:TCP"="4584:TCP:*:Enabled:Services"
"9911:TCP"="9911:TCP:*:Enabled:Services"
"1834:TCP"="1834:TCP:*:Enabled:Services"
"9661:TCP"="9661:TCP:*:Enabled:Services"
"7724:TCP"="7724:TCP:*:Enabled:Services"
"3865:TCP"="3865:TCP:*:Enabled:Services"
"2115:TCP"="2115:TCP:*:Enabled:Services"
"2365:TCP"="2365:TCP:*:Enabled:Services"
"8318:TCP"="8318:TCP:*:Enabled:Services"
"9989:TCP"="9989:TCP:*:Enabled:Services"
"5396:TCP"="5396:TCP:*:Enabled:Services"
"5240:TCP"="5240:TCP:*:Enabled:Services"
"4787:TCP"="4787:TCP:*:Enabled:Services"
"9239:TCP"="9239:TCP:*:Enabled:Services"
"7177:TCP"="7177:TCP:*:Enabled:Services"
"7302:TCP"="7302:TCP:*:Enabled:Services"
"6537:TCP"="6537:TCP:*:Enabled:Services"
"8677:TCP"="8677:TCP:*:Enabled:Services"
"7505:TCP"="7505:TCP:*:Enabled:Services"
"6691:TCP"="6691:TCP:*:Enabled:Services"
"4034:TCP"="4034:TCP:*:Enabled:Services"
"3707:TCP"="3707:TCP:*:Enabled:Services"

==== Empty Folders Check ======================

C:\Program Files\rayfilm_etikety deleted successfully
C:\Program Files\Common Files\NSV deleted successfully
C:\DOCUME~1\ALLUSE~1\NABDKA~1\Programy\rayfilm deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2052111302-682003330-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-2052111302-682003330-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2052111302-682003330-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\ComPlus Applications deleted
C:\Program Files\E.M. PowerPoint Video Converter deleted
C:\Program Files\VDownloader deleted
C:\bcxp86cz.exe deleted
C:\fliqlo_110.exe deleted
C:\nicelabel.exe deleted
C:\OKB3C03S_ENU1012_tcm3-157266 (1).exe deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\pdfxls2.dll deleted
C:\DOCUME~1\ALLUSE~1\NABDKA~1\Programy\TAL Bar Code ActiveX Control Demo deleted
C:\WINDOWS\System32\AI_RecycleBin deleted
C:\WINDOWS\System32\tempdir deleted
C:\Documents and Settings\All Users\Plocha\VDownloader.lnk deleted
"C:\WINDOWS\Installer\3912bb.msi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"support@vdownloader.com"="C:\Program Files\VDownloader\Addons\FireFox" []

==== Chromium Look ======================

Google Chrome Version: 36.0.1985.143 (Possible outdated, latest Stable version: 39.0.2171.99)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eoccbpoodnckjdnackiffhjfkogfhnhh - C:\Program Files\VDownloader\Addons\Chrome.crx[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.sk/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.sk/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{7E3E0FAB-835B-444A-A8A1-F11D077185FA} Google Url="http://www.google.com/search?q={searchT ... 1I7PCTA_cs"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\support@vdownloader.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\123D74838AB65874B973882D2DCF05C3 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eoccbpoodnckjdnackiffhjfkogfhnhh deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3847D321-6BA8-4785-9B37-88D2D2FC503C} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TAL Bar Code ActiveX Control Demo deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\123D74838AB65874B973882D2DCF05C3 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetTimeByKapaCZ deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator.SERVER\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Spravca1\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Spravca\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=344 folders=67 91225380 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Spravca\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Spravca\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on çt 15. 01. 2015 at 11:43:24,79 ======================

[vyosek]

Poprosim o novy log z FRST

[peter1973]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2015
Ran by Spravca (administrator) on SERVER on 15-01-2015 11:58:55
Running from C:\Documents and Settings\Spravca\Plocha
Loaded Profiles: Spravca (Available profiles: Spravca & Spravca1 & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaws.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\javaw.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16132608 2007-04-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [MSConfig] => C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [171008 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2014-10-01] (ESET)
HKLM\...\Run: [kbdsprt] => [X]
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-2052111302-682003330-839522115-1003\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
BootExecute: autocheck autochk * BootDefrag.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2052111302-682003330-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2052111302-682003330-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-2052111302-682003330-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2052111302-682003330-839522115-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation)
Toolbar: HKU\S-1-5-21-2052111302-682003330-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resourc ... oscan8.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://sdlc-esd.sun.com/ESD5/JSCDL/jre/ ... 586-jc.cab
DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} http://download.microsoft.com/download/ ... apicom.cab
DPF: {B49C4597-8721-4789-9250-315DFBD9F525} http://www.yayindayiz.biz/yayin/ampx2.6.1.11_en_dl.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [77824 2008-05-13] (SuperAdBlocker.com)
Tcpip\..\Interfaces\{12FF6E78-8E1E-4747-BE36-43FD7E271FAA}: [NameServer] 192.168.1.1
Tcpip\..\Interfaces\{3B3D99A8-41F5-49E2-9069-2898E64336F0}: [NameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Spravca\Data aplikací\Mozilla\Firefox\Profiles\e08mhyim.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2052111302-682003330-839522115-1003: @www.flatcast.com/FlatViewer 5.2 -> C:\DOCUME~1\Spravca\DATAAP~1\Mozilla\Plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin HKU\S-1-5-21-2052111302-682003330-839522115-1003: vitzo.com/VDownloader -> C:\Program Files\VDownloader\Addons\npVDownloader.dll No File
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Spravca\Data aplikací\mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-05-16]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-06]
CHR Extension: (Disk Google) - C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-06]
CHR Extension: (YouTube) - C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-06]
CHR Extension: (Hľadať v Google) - C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-06]
CHR Extension: (Peňaženka Google) - C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-06]
CHR Extension: (Gmail) - C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-06]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4920104 2014-12-31] (Emsisoft GmbH)
S4 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2014-10-01] (ESET)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S4 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [1550896 2007-05-15] (Nero AG)
S3 PDFProFiltSrvPP; C:\Program Files\Xerox Scan To PC Desktop 11\PaperPort12\PDFProFiltSrvPP.exe [145256 2011-09-12] (Nuance Communications, Inc.)
S4 PrintSuperVision Engine; C:\Program Files\PrintSuperVision\www\bin\PSVEngine.exe [40960 2009-07-29] (Oki Data Americas, Inc.) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{AF0C42EF-A4E2-4F14-A101-92D83133FA14}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [58200 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [38248 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [18552 2014-05-12] (Emsisoft GmbH)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2006-07-01] (Advanced Micro Devices)
R0 BootDefragDriver; C:\WINDOWS\System32\drivers\BootDefragDriver.sys [14784 2014-06-16] (Glarysoft Ltd)
R3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH)
R3 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [191928 2014-10-10] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [135296 2014-10-10] (ESET)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [176448 2014-10-10] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [39464 2014-10-10] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [63160 2014-10-10] (ESET)
R0 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [17088 2014-06-28] (Glarysoft Ltd)
R4 InCDfs; C:\WINDOWS\System32\drivers\InCDFs.sys [118576 2007-05-15] (Nero AG)
R1 InCDPass; C:\WINDOWS\System32\drivers\InCDPass.sys [37040 2007-05-15] (Nero AG)
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [16304 2007-05-15] (Nero AG)
R1 incdrm; C:\WINDOWS\System32\drivers\InCDRm.sys [38576 2007-05-15] (Nero AG)
S3 mf; C:\WINDOWS\System32\DRIVERS\mf.sys [63744 2008-04-13] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R1 NetworkX; C:\WINDOWS\system32\ckldrv.sys [24000 1998-10-13] () [File not signed]
S1 NmPar; C:\WINDOWS\System32\DRIVERS\NmPar.sys [76416 2006-10-11] (Windows (R) 2000 DDK provider) [File not signed]
S1 nmserial; C:\WINDOWS\System32\DRIVERS\nmserial.sys [60032 2006-10-12] (Windows (R) 2000 DDK provider) [File not signed]
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R2 Opaplpt; C:\WINDOWS\system32\Drivers\Opaplpt.sys [36896 2005-11-15] (Oki Data Corporation) [File not signed]
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12872 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67656 2010-05-10] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [5120 2010-02-12] (Samsung Electronics) [File not signed]
R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5504 2012-06-03] () [File not signed]
S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [X]
U1 eamon; system32\DRIVERS\eamon.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 11:41 - 2015-01-15 11:59 - 00000000 ____D () C:\Documents and Settings\Spravca\Local Settings\Temp
2015-01-15 11:41 - 2015-01-15 11:17 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-01-15 11:18 - 2015-01-15 11:43 - 00010131 _____ () C:\zoek-results.log
2015-01-15 11:17 - 2015-01-15 11:33 - 00000000 ____D () C:\zoek_backup
2015-01-15 10:55 - 2015-01-15 10:59 - 00000000 ____D () C:\AdwCleaner
2015-01-15 10:53 - 2015-01-15 10:53 - 01295360 _____ () C:\Documents and Settings\Spravca\Plocha\zoek.exe
2015-01-15 10:51 - 2015-01-15 10:51 - 02191360 _____ () C:\Documents and Settings\Spravca\Plocha\adwcleaner_4.107.exe
2015-01-15 10:17 - 2015-01-15 10:18 - 00076882 _____ () C:\Documents and Settings\Spravca\Plocha\Addition.txt
2015-01-15 10:14 - 2015-01-15 11:59 - 00015417 _____ () C:\Documents and Settings\Spravca\Plocha\FRST.txt
2015-01-15 10:14 - 2015-01-15 11:58 - 00000000 ____D () C:\FRST
2015-01-15 10:13 - 2015-01-15 10:13 - 01116672 _____ (Farbar) C:\Documents and Settings\Spravca\Plocha\FRST.exe
2015-01-15 10:04 - 2015-01-15 10:04 - 00007546 _____ () C:\spyrix_.txt
2015-01-14 12:55 - 2015-01-14 12:55 - 00000970 _____ () C:\Documents and Settings\All Users\Plocha\Ashampoo Burning Studio 6 FREE.lnk
2015-01-14 12:55 - 2015-01-14 12:55 - 00000249 _____ () C:\Documents and Settings\All Users\Plocha\Your Software Deals.url
2015-01-14 12:55 - 2015-01-14 12:55 - 00000000 ____D () C:\Program Files\Ashampoo
2015-01-14 12:55 - 2015-01-14 12:55 - 00000000 ____D () C:\Documents and Settings\Spravca\Local Settings\Data aplikací\ashampoo
2015-01-14 12:55 - 2015-01-14 12:55 - 00000000 ____D () C:\Documents and Settings\Spravca\Data aplikací\Ashampoo
2015-01-14 12:55 - 2015-01-14 12:55 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Ashampoo
2015-01-14 12:55 - 2015-01-14 12:55 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Ashampoo
2015-01-13 20:45 - 2015-01-13 20:45 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER\Data aplikací\Sun
2015-01-13 20:26 - 2015-01-13 20:26 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER\Dokumenty\Simply Super Software
2015-01-13 15:58 - 2015-01-13 15:58 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Emsisoft
2015-01-13 12:14 - 2015-01-13 12:14 - 00000766 _____ () C:\Documents and Settings\All Users\Plocha\Emsisoft Anti-Malware.lnk
2015-01-13 12:14 - 2015-01-13 12:14 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Emsisoft Anti-Malware
2015-01-13 12:12 - 2015-01-15 11:47 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2015-01-13 12:00 - 2015-01-13 12:00 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Licenses
2015-01-12 20:56 - 2015-01-12 20:56 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER\Local Settings\Data aplikací\GHISLER
2015-01-12 16:24 - 2015-01-12 18:01 - 07736320 _____ () C:\Documents and Settings\Spravca\Dokumenty\semena_2015_jedn_cena.xls
2015-01-12 16:24 - 2015-01-12 16:24 - 00885887 _____ () C:\semena_2015_jedn_cena.xls
2015-01-12 16:10 - 2015-01-12 16:10 - 00039413 _____ () C:\sem2015.xls
2015-01-12 15:04 - 2015-01-12 15:44 - 00062976 _____ () C:\Documents and Settings\Spravca\Dokumenty\semena_2015_jednitkova_cena.xls
2015-01-12 15:02 - 2015-01-12 16:09 - 00039413 _____ () C:\semena.xls
2015-01-12 14:24 - 2015-01-12 18:01 - 00131584 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_bref_tripack.xls
2015-01-11 20:06 - 2015-01-15 10:39 - 00000000 ___HD () C:\Program Files\Spyrix Personal Monitor
2015-01-11 20:05 - 2015-01-11 20:05 - 00005126 _____ () C:\WINDOWS\setupapi.log
2015-01-11 20:04 - 2015-01-11 20:04 - 00000803 _____ () C:\Documents and Settings\Administrator.SERVER\Nabídka Start\Programy\Internet Explorer.lnk
2015-01-11 20:04 - 2015-01-11 20:04 - 00000738 _____ () C:\Documents and Settings\Administrator.SERVER\Nabídka Start\Programy\Outlook Express.lnk
2015-01-11 20:04 - 2015-01-11 20:04 - 00000394 _____ () C:\WINDOWS\wmsetup.log
2015-01-11 20:04 - 2015-01-11 20:04 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER\Local Settings\Data aplikací\Google
2015-01-11 20:04 - 2015-01-11 20:04 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER\Local Settings\Data aplikací\ESET
2015-01-11 20:04 - 2015-01-11 20:04 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER\Data aplikací\ESET
2015-01-11 20:03 - 2015-01-14 07:18 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER\Local Settings\temp
2015-01-11 20:03 - 2015-01-13 21:18 - 00000178 ___SH () C:\Documents and Settings\Administrator.SERVER\ntuser.ini
2015-01-11 20:03 - 2015-01-13 20:45 - 00000000 __RHD () C:\Documents and Settings\Administrator.SERVER\Data aplikací
2015-01-11 20:03 - 2015-01-12 20:57 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER\Plocha
2015-01-11 20:03 - 2015-01-11 20:04 - 00000792 _____ () C:\Documents and Settings\Administrator.SERVER\Nabídka Start\Programy\Windows Media Player.lnk
2015-01-11 20:03 - 2015-01-11 20:04 - 00000000 ___RD () C:\Documents and Settings\Administrator.SERVER\Oblíbené položky
2015-01-11 20:03 - 2015-01-11 20:04 - 00000000 ___RD () C:\Documents and Settings\Administrator.SERVER\Nabídka Start\Programy\Příslušenství
2015-01-11 20:03 - 2015-01-11 20:04 - 00000000 ___RD () C:\Documents and Settings\Administrator.SERVER\Nabídka Start\Programy
2015-01-11 20:03 - 2015-01-11 20:04 - 00000000 ___RD () C:\Documents and Settings\Administrator.SERVER\Dokumenty\Obrázky
2015-01-11 20:03 - 2015-01-11 20:04 - 00000000 ___RD () C:\Documents and Settings\Administrator.SERVER\Dokumenty\Hudba
2015-01-11 20:03 - 2015-01-11 20:04 - 00000000 ___RD () C:\Documents and Settings\Administrator.SERVER\Dokumenty
2015-01-11 20:03 - 2015-01-11 20:04 - 00000000 ___HD () C:\Documents and Settings\Administrator.SERVER\Local Settings\Data aplikací
2015-01-11 20:03 - 2015-01-11 20:03 - 00000000 ____D () C:\Documents and Settings\Administrator.SERVER
2015-01-11 20:03 - 2014-05-16 10:42 - 00000000 __SHD () C:\Documents and Settings\Administrator.SERVER\IETldCache
2015-01-11 20:03 - 2014-05-16 10:42 - 00000000 ___RD () C:\Documents and Settings\Administrator.SERVER\Nabídka Start\Programy\Po spuštění
2015-01-11 20:03 - 2014-05-16 10:42 - 00000000 ___RD () C:\Documents and Settings\Administrator.SERVER\Nabídka Start
2015-01-11 20:03 - 2014-05-16 10:42 - 00000000 ___HD () C:\Documents and Settings\Administrator.SERVER\Šablony
2015-01-11 20:03 - 2014-05-16 10:42 - 00000000 ___HD () C:\Documents and Settings\Administrator.SERVER\Okolní tiskárny
2015-01-11 20:03 - 2014-05-16 10:42 - 00000000 ___HD () C:\Documents and Settings\Administrator.SERVER\Okolní síť
2015-01-11 20:03 - 2009-09-12 09:41 - 00001604 _____ () C:\Documents and Settings\Administrator.SERVER\Nabídka Start\Programy\Vzdálená pomoc.lnk
2015-01-07 07:11 - 2015-01-07 07:11 - 00487672 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-06 14:57 - 2015-01-06 19:05 - 00239104 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_domestos _attax.xls
2015-01-06 14:20 - 2015-01-06 19:05 - 00246272 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_bref_za_1.xls
2015-01-05 17:49 - 2015-01-05 17:52 - 00143872 _____ () C:\Documents and Settings\Spravca\Dokumenty\bez_k.xls
2015-01-02 15:20 - 2015-01-02 15:58 - 00338944 _____ () C:\Documents and Settings\Spravca\Dokumenty\vysvetlivky.xls
2015-01-02 15:13 - 2015-01-02 15:58 - 00872448 _____ () C:\Documents and Settings\Spravca\Dokumenty\pf_2015.xls
2015-01-02 07:43 - 2015-01-02 07:43 - 00000000 ____D () C:\Documents and Settings\Spravca1\Data aplikací\Sun
2015-01-02 07:37 - 2015-01-02 07:37 - 00000000 ____D () C:\Documents and Settings\Spravca1\Local Settings\Data aplikací\Google
2014-12-31 10:08 - 2014-12-31 13:18 - 00560128 _____ () C:\Documents and Settings\Spravca\Dokumenty\pf_od_stryca.xls
2014-12-31 07:16 - 2015-01-15 11:43 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-12-31 07:15 - 2015-01-15 11:42 - 00000051 _____ () C:\WINDOWS\wiaservc.log
2014-12-31 07:15 - 2015-01-15 11:41 - 00004898 _____ () C:\WINDOWS\SchedLgU.Txt
2014-12-31 07:15 - 2014-12-31 07:15 - 00000000 ____N () C:\WINDOWS\Sti_Trace.log
2014-12-30 20:20 - 2014-12-31 13:18 - 05295104 _____ () C:\Documents and Settings\Spravca\Dokumenty\sackova_1pf.xls
2014-12-30 19:15 - 2014-12-30 20:09 - 05430272 _____ () C:\Documents and Settings\Spravca\Dokumenty\sackova.xls
2014-12-30 17:58 - 2014-12-30 18:00 - 01501696 _____ () C:\Documents and Settings\Spravca\Dokumenty\austria.xls
2014-12-30 16:39 - 2014-12-30 16:39 - 07510829 _____ () C:\Documents and Settings\Spravca\Dokumenty\f_orig.mp4
2014-12-30 16:32 - 2014-12-30 16:32 - 05351789 _____ () C:\Documents and Settings\Spravca\Dokumenty\f_kr.mp4
2014-12-30 11:08 - 2014-12-30 11:08 - 00061952 _____ () C:\Documents and Settings\Spravca\Dokumenty\polmak_2015 (1).xls
2014-12-29 13:17 - 2014-12-29 17:40 - 194742784 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_cistiace_kupelna_kuchyna_nova_2014.xls
2014-12-24 09:48 - 2014-12-24 18:56 - 00067072 _____ () C:\Documents and Settings\Spravca\Dokumenty\polmak_2015.xls
2014-12-23 11:53 - 2014-12-23 21:49 - 04530176 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_otvaracie_hodiny_brana.xls
2014-12-19 12:32 - 2014-12-19 12:32 - 00375296 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_metla_cirokova_2_trieda.xls
2014-12-18 21:40 - 2014-12-18 21:40 - 00993280 _____ () C:\Documents and Settings\Spravca\Dokumenty\pani_erika.xls
2014-12-18 21:38 - 2015-01-14 17:16 - 81140224 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_zeminy_2015.xls
2014-12-18 17:45 - 2014-12-18 21:40 - 37335040 _____ () C:\Documents and Settings\Spravca\Dokumenty\prehlad_zemin_substratov_ vsetky_obj.xls
2014-12-18 09:27 - 2014-12-18 16:04 - 37317120 _____ () C:\Documents and Settings\Spravca\Dokumenty\prehlad_zemin_vsetky.xls
2014-12-16 16:10 - 2014-12-16 16:13 - 00849920 _____ () C:\Documents and Settings\Spravca\Dokumenty\obaly_manes.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 11:58 - 2014-05-16 11:13 - 00000000 ____D () C:\Documents and Settings\Spravca\Plocha
2015-01-15 11:46 - 2014-05-16 12:05 - 01869251 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-15 11:43 - 2008-04-14 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-15 11:42 - 2014-05-16 12:04 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-15 11:41 - 2014-05-16 12:01 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2015-01-15 11:41 - 2014-05-16 11:13 - 00000178 ___SH () C:\Documents and Settings\Spravca\ntuser.ini
2015-01-15 11:33 - 2014-05-16 10:42 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-01-15 11:33 - 2014-05-16 10:42 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-01-15 11:33 - 2014-05-16 10:41 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-01-15 10:13 - 2014-05-16 10:43 - 00000000 ____D () C:\Documents and Settings\Spravca\Data aplikací\IObit
2015-01-15 09:36 - 2014-05-16 11:14 - 00000000 ____D () C:\ETIKEY_RAYFILM
2015-01-15 06:44 - 2014-05-16 10:41 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2015-01-15 06:41 - 2014-05-16 10:43 - 00000339 __RSH () C:\boot.ini
2015-01-15 06:41 - 2008-04-14 13:00 - 00000589 _____ () C:\WINDOWS\win.ini
2015-01-15 06:41 - 2008-04-14 13:00 - 00000246 _____ () C:\WINDOWS\system.ini
2015-01-14 18:23 - 2014-05-16 11:13 - 00000000 ____D () C:\ETIKETY
2015-01-14 18:00 - 2014-05-16 12:04 - 00083574 _____ () C:\WINDOWS\system32\vfp9rerr.log
2015-01-14 17:16 - 2014-05-16 10:47 - 00000000 ___RD () C:\Documents and Settings\Spravca\Dokumenty
2015-01-14 12:55 - 2014-05-16 11:10 - 00000000 ___HD () C:\Documents and Settings\Spravca\Local Settings\Data aplikací
2015-01-14 12:55 - 2014-05-16 10:43 - 00000000 __RHD () C:\Documents and Settings\Spravca\Data aplikací
2015-01-13 20:30 - 2014-05-16 12:05 - 00002042 _____ () C:\WINDOWS\wincmd.ini
2015-01-13 12:00 - 2014-05-16 10:41 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\TEMP
2015-01-13 11:46 - 2014-05-16 11:08 - 322432512 _____ () C:\Documents and Settings\Spravca\Dokumenty\cenovka_color_mala_1_DPH.xls
2015-01-12 13:23 - 2014-05-16 11:08 - 06074368 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_semena_cen_skupiny.xls
2015-01-09 16:52 - 2014-05-16 12:05 - 00000031 _____ () C:\WINDOWS\MCDB.ini
2015-01-06 19:10 - 2014-05-16 10:42 - 00000000 ____D () C:\Documents and Settings\Spravca
2015-01-06 19:05 - 2014-05-16 11:09 - 00888320 _____ () C:\Documents and Settings\Spravca\Dokumenty\marza_2011_01.XLS
2015-01-06 19:05 - 2014-05-16 10:43 - 00000000 ____D () C:\Documents and Settings\Spravca\.gimp-2.6
2015-01-06 14:45 - 2014-05-16 11:09 - 00239616 _____ () C:\Documents and Settings\Spravca\Dokumenty\Sešit2.xls
2015-01-02 13:37 - 2014-05-16 11:13 - 00000178 ___SH () C:\Documents and Settings\Spravca1\ntuser.ini
2015-01-02 07:43 - 2014-05-16 11:13 - 00000000 __RHD () C:\Documents and Settings\Spravca1\Data aplikací
2015-01-02 07:43 - 2014-05-16 11:13 - 00000000 ____D () C:\Documents and Settings\Spravca1\Local Settings\temp
2015-01-02 07:37 - 2014-05-16 11:13 - 00000000 ___HD () C:\Documents and Settings\Spravca1\Local Settings\Data aplikací
2015-01-02 07:36 - 2014-06-28 10:06 - 00000000 ____D () C:\Documents and Settings\Spravca\Data aplikací\DiskDefrag
2014-12-31 10:33 - 2014-05-16 11:33 - 00000000 ____D () C:\sunsoftw
2014-12-31 10:18 - 2014-05-16 10:47 - 00000000 ____D () C:\Documents and Settings\Spravca\Data aplikací\vlc
2014-12-30 20:07 - 2014-05-16 10:43 - 00000000 ____D () C:\Documents and Settings\Spravca\Data aplikací\gtk-2.0
2014-12-29 12:10 - 2014-05-16 11:10 - 00000000 ____D () C:\Documents and Settings\Spravca\Local Settings\Data aplikací\Deployment
2014-12-24 18:40 - 2014-05-16 10:47 - 00000000 ____D () C:\Documents and Settings\Spravca\Data aplikací\XnView
2014-12-24 16:16 - 2014-05-16 11:17 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-24 16:16 - 2014-05-16 11:13 - 00000000 ____D () C:\Documents and Settings\Spravca\Nabídka Start\Programy\CCleaner
2014-12-24 16:16 - 2014-05-16 10:42 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2014-12-24 16:15 - 2014-05-16 10:42 - 00000682 _____ () C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2014-12-23 09:42 - 2014-05-16 11:07 - 18786304 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_hnojiva_na_dreveny_regal.xls
2014-12-18 18:00 - 2014-12-11 18:16 - 07336960 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_toal_papier_bianka.xls
2014-12-18 09:24 - 2014-05-16 11:09 - 37324288 _____ () C:\Documents and Settings\Spravca\Dokumenty\prehlad_2012_zeminy_raselina_kera_forestina_SESTAk.xls
2014-12-17 18:49 - 2014-05-16 11:06 - 01374720 _____ () C:\Documents and Settings\Spravca\Dokumenty\cash_cenovka_miska_konex.xls

Some content of TEMP:
====================
C:\Documents and Settings\Spravca\Local Settings\Temp\jre-7u71-windows-i586-iftw.exe
C:\Documents and Settings\Spravca1\Local Settings\Temp\jre-7u71-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

[vyosek]

Odinstalujte Advanced SystemCare a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Odinstalujte Emsisoft Anti-Malware - mate ESET, coz bohate staci a jen by dochazelo ke kolizi

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
  HKLM\...\Run: [kbdsprt] => [X]
  
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  HKU\S-1-5-21-2052111302-682003330-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
  HKU\S-1-5-21-2052111302-682003330-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  HKU\S-1-5-21-2052111302-682003330-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation)
  BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  Toolbar: HKLM - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation)
  Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  
  R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4920104 2014-12-31] (Emsisoft GmbH)
  S4 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
  R3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [58200 2014-05-12] (Emsisoft GmbH)
  R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
  R1 a2injectiondriver; C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [38248 2013-09-30] (Emsisoft GmbH)
  R1 a2util; C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [18552 2014-05-12] (Emsisoft GmbH)
  R3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH)
  S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [X]
  U1 eamon; system32\DRIVERS\eamon.sys [X]
  S4 IntelIde; No ImagePath
  
  C:\Program Files\Emsisoft Anti-Malware
  C:\Program Files\IObit
  2015-01-15 11:41 - 2015-01-15 11:17 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
  2015-01-15 11:18 - 2015-01-15 11:43 - 00010131 _____ () C:\zoek-results.log
  2015-01-15 11:17 - 2015-01-15 11:33 - 00000000 ____D () C:\zoek_backup
  2015-01-15 10:55 - 2015-01-15 10:59 - 00000000 ____D () C:\AdwCleaner
  2015-01-15 10:53 - 2015-01-15 10:53 - 01295360 _____ () C:\Documents and Settings\Spravca\Plocha\zoek.exe
  2015-01-15 10:51 - 2015-01-15 10:51 - 02191360 _____ () C:\Documents and Settings\Spravca\Plocha\adwcleaner_4.107.exe
  2015-01-15 10:17 - 2015-01-15 10:18 - 00076882 _____ () C:\Documents and Settings\Spravca\Plocha\Addition.txt
  2015-01-15 10:14 - 2015-01-15 11:59 - 00015417 _____ () C:\Documents and Settings\Spravca\Plocha\FRST.txt2015-01-15 10:04 - 2015-01-15 10:04 - 00007546 _____ () C:\spyrix_.txt
  2015-01-13 15:58 - 2015-01-13 15:58 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Emsisoft
  2015-01-11 20:06 - 2015-01-15 10:39 - 00000000 ___HD () C:\Program Files\Spyrix Personal Monitor
  2015-01-15 10:13 - 2014-05-16 10:43 - 00000000 ____D () C:\Documents and Settings\Spravca\Data aplikací\IObit
  2015-01-15 06:44 - 2014-05-16 10:41 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
  C:\Program Files\Spyrix Personal Monitor
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[peter1973]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 15-01-2015
Ran by Spravca at 2015-01-15 14:27:20 Run:1
Running from C:\Documents and Settings\Spravca\Plocha
Loaded Profiles: Spravca (Available profiles: Spravca & Spravca1 & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [kbdsprt] => [X]

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2052111302-682003330-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2052111302-682003330-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-2052111302-682003330-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKLM - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4920104 2014-12-31] (Emsisoft GmbH)
S4 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [58200 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [38248 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [18552 2014-05-12] (Emsisoft GmbH)
R3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH)
S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [X]
U1 eamon; system32\DRIVERS\eamon.sys [X]
S4 IntelIde; No ImagePath

C:\Program Files\Emsisoft Anti-Malware
C:\Program Files\IObit
2015-01-15 11:41 - 2015-01-15 11:17 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-01-15 11:18 - 2015-01-15 11:43 - 00010131 _____ () C:\zoek-results.log
2015-01-15 11:17 - 2015-01-15 11:33 - 00000000 ____D () C:\zoek_backup
2015-01-15 10:55 - 2015-01-15 10:59 - 00000000 ____D () C:\AdwCleaner
2015-01-15 10:53 - 2015-01-15 10:53 - 01295360 _____ () C:\Documents and Settings\Spravca\Plocha\zoek.exe
2015-01-15 10:51 - 2015-01-15 10:51 - 02191360 _____ () C:\Documents and Settings\Spravca\Plocha\adwcleaner_4.107.exe
2015-01-15 10:17 - 2015-01-15 10:18 - 00076882 _____ () C:\Documents and Settings\Spravca\Plocha\Addition.txt
2015-01-15 10:14 - 2015-01-15 11:59 - 00015417 _____ () C:\Documents and Settings\Spravca\Plocha\FRST.txt2015-01-15 10:04 - 2015-01-15 10:04 - 00007546 _____ () C:\spyrix_.txt
2015-01-13 15:58 - 2015-01-13 15:58 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Emsisoft
2015-01-11 20:06 - 2015-01-15 10:39 - 00000000 ___HD () C:\Program Files\Spyrix Personal Monitor
2015-01-15 10:13 - 2014-05-16 10:43 - 00000000 ____D () C:\Documents and Settings\Spravca\Data aplikací\IObit
2015-01-15 06:44 - 2014-05-16 10:41 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
C:\Program Files\Spyrix Personal Monitor

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\kbdsprt => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2052111302-682003330-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
HKU\S-1-5-21-2052111302-682003330-839522115-1003\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-2052111302-682003330-839522115-1003\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}" => Key deleted successfully.
"HKCR\CLSID\{00C6482D-C502-44C8-8409-FCE54AD9C208}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} => value deleted successfully.
"HKCR\CLSID\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\skype-ie-addon-data" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\skype4com" => Key deleted successfully.
"HKCR\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}" => Key deleted successfully.
a2AntiMalware => Service not found.
AdvancedSystemCareService6 => Service not found.
a2acc => Service not found.
A2DDA => Service not found.
a2injectiondriver => Service not found.
a2util => Service not found.
cleanhlp => Service stopped successfully.
cleanhlp => Service deleted successfully.
DgiVecp => Service deleted successfully.
eamon => Error deleting Service
IntelIde => Service deleted successfully.
C:\Program Files\Emsisoft Anti-Malware => Moved successfully.
C:\Program Files\IObit => Moved successfully.
C:\WINDOWS\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Documents and Settings\Spravca\Plocha\zoek.exe => Moved successfully.
C:\Documents and Settings\Spravca\Plocha\adwcleaner_4.107.exe => Moved successfully.
C:\Documents and Settings\Spravca\Plocha\Addition.txt => Moved successfully.
C:\spyrix_.txt => Moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Emsisoft => Moved successfully.
C:\Program Files\Spyrix Personal Monitor => Moved successfully.
C:\Documents and Settings\Spravca\Data aplikací\IObit => Moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy => Moved successfully.
"C:\Program Files\Spyrix Personal Monitor" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 757.5 MB temporary data.


The system needed a reboot.

==== End of Fixlog 14:27:47 ====

[vyosek]

Jak se chova PC???