VIRY.CZ

Dobrý den,

mám problém s trojským koněm papras.dr. Na daném notebooku nod32 neustále hlásí infikování tímto virem a jeho odstranění. Nyní není možno ani otevřít např. prohlížeč, zobrazí se zpráva o odepření přístupu. Spustil jsem tedy OS v nouzovém režimu a spustil FRST (v běžném režimu byl opět přístup odepřen), log vizte níže.

Děkuji za pomoc.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by admin (administrator) on OEM on 03-04-2015 17:05:07
Running from C:\Documents and Settings\admin\Plocha
Loaded Profiles: admin (Available profiles: admin)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(forum.viry.cz) C:\Documents and Settings\admin\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16132608 2007-05-29] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-06-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2007-08-22] (Hewlett-Packard)
HKLM\...\Run: [Samsung PanelMgr] => C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [614400 2009-08-14] ()
HKLM\...\Run: [4600 Scan2PC] => C:\WINDOWS\Twain_32\Samsung\SCX4600\Scan2pc.exe [1968640 2009-09-10] ()
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [3117344 2012-03-07] (ESET)
HKLM\...\Run: [Print2PDF Print Monitor] => C:\Program Files\Software602\Print2PDF\Print2PDF.exe [220992 2011-10-04] (Software602)
HKLM\...\Run: [TkBellExe] => C:\program files\real\realplayer\update\realsched.exe [295512 2013-09-18] (RealNetworks, Inc.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [147456 2007-01-15] (Nero AG)
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-06-15] (Google Inc.)
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [Google Update] => C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [107912 2014-11-04] (Google Inc.)
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\admin\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\admin\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [LokivOmuhi] => regsvr32.exe "C:\Documents and Settings\All Users\Data aplikací\LokivOmuhi\JohqOkti.oll"
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-602162358-1500820517-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-602162358-1500820517-725345543-1003\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {4984622D-5AFF-44EF-B4EA-94A47A65B8AC} URL = http://tv.seznam.cz/hledej?w={searchTer ... ckSearch_5
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {551B8A20-177E-4321-99EA-4D6BFEE34AE6} URL = http://search.seznam.cz/?q={searchTerms ... ckSearch_5
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {6521DD8D-89E1-4DA4-970D-3496E6F31FF5} URL = http://slovnik.seznam.cz/?q={searchTerm ... ckSearch_5
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {68ef2fc2-5408-4845-8746-b90505c528dd} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... ckSearch_5
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {787F0EDB-67F7-4241-87BB-5BC9403BD58E} URL = http://www.novinky.cz/hledej?w={searchT ... ckSearch_5
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {7D8B9D82-4AD2-4CB5-ACC6-D96FDEFF2CB4} URL = http://encyklopedie.seznam.cz/search?q= ... ckSearch_5
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {aaa1ba04-fff0-4577-bd1a-7c25c1069bd4} URL = http://www.mapy.cz/?query={searchTerms} ... ckSearch_5
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {b78bbc0b-162c-450b-a658-cdb1dca97bdd} URL = http://www.firmy.cz/?q={searchTerms}&so ... ckSearch_5
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {BA310ABC-F44E-4DB1-9618-22EAA3D9799B} URL = http://slovnik.seznam.cz/?q={searchTerm ... ckSearch_5
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-01] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05] (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2E3D0CD7-D389-4DED-A292-74DB987CC4C8}: [NameServer] 101.54.230.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\fqd0evpd.default
FF Homepage: hxxp://www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2014-07-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2011-11-22] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.5.1 -> C:\WINDOWS\system32\npDeployJava1.dll [2012-07-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [2012-07-05] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-09-21] (Pando Networks)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-09-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-09-18] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-602162358-1500820517-725345543-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-602162358-1500820517-725345543-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-602162358-1500820517-725345543-1003: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-09-21] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2009-10-14] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2003-07-15] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2010-04-04] (Adobe Systems Inc.)
FF Extension: Seznam lištička - C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\fqd0evpd.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-09-25]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [2009-10-14]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-07-23]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-10]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-18]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-19]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-05-22]
FF HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-10-14]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=5
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\admin\Local Settings\Data aplikacĂ­\Google\Chrome\Application\41.0.2272.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\admin\Local Settings\Data aplikacĂ­\Google\Chrome\Application\41.0.2272.101\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\admin\Local Settings\Data aplikacĂ­\Google\Chrome\Application\41.0.2272.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Skype Toolbars) - C:\Documents and Settings\admin\Local Settings\Data aplikacĂ­\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikacĂ­\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikacĂ­\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll No File
CHR Plugin: (Google Update) - C:\Documents and Settings\admin\Local Settings\Data aplikacĂ­\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll No File
CHR Plugin: (Software602 Form Filler) - C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Profile: C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Seznam Lištička - Email) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2013-09-25]
CHR Extension: (Seznam Lištička - Slovník) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2013-09-25]
CHR Extension: (YouTube) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-20]
CHR Extension: (Google Search) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-20]
CHR Extension: (RealDownloader) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-09-18]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-06-06]
CHR Extension: (AT_CathKidston) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndlpkmaeinmnbiadacenijnhlolneopm [2011-05-20]
CHR Extension: (Google Wallet) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-02-11]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2013-09-25]
CHR Extension: (Gmail) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-20]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-09-16]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
StartMenuInternet: chrome.exe - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [913144 2012-03-07] (ESET)
S2 JavaQuickStarterService; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [161704 2012-07-05] (Oracle Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed]
S3 NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [266240 2007-01-15] (Nero AG) [File not signed]
S2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2012-01-04] (PC Tools)
S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed]
S2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)
S2 ssinstall; C:\WINDOWS\System32\ssins.exe [2324216 2013-10-02] (PS Media s.r.o.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [38400 2009-02-16] (Samsung Electronics Co., Ltd.) [File not signed]
S1 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [160816 2012-03-14] (ESET)
S1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [120152 2012-03-14] (ESET)
S1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [104160 2012-03-14] (ESET)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-11-01] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-11-01] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-11-01] (HP)
S3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [210688 2007-03-01] (Conexant Systems, Inc.)
S3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [988032 2007-03-01] (Conexant Systems, Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [3636864 2008-11-17] (Intel Corporation)
S3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S2 SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [X]
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-03 17:05 - 2015-04-03 17:06 - 00026596 _____ () C:\Documents and Settings\admin\Plocha\FRST.txt
2015-04-03 17:04 - 2015-04-03 17:05 - 00000000 ____D () C:\FRST
2015-04-03 16:53 - 2015-04-02 15:59 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\admin\Plocha\FRSTLauncher.exe
2015-04-03 16:53 - 2015-04-02 15:54 - 01135104 _____ (Farbar) C:\Documents and Settings\admin\Plocha\FRST.exe
2015-03-28 16:50 - 2015-03-28 16:50 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2015-03-17 20:15 - 2015-03-17 20:15 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\LokivOmuhi

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-03 17:06 - 2009-10-14 23:11 - 01057130 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-03 17:06 - 2009-10-14 21:34 - 00000000 ____D () C:\Documents and Settings\admin\Local Settings\Temp
2015-04-03 17:05 - 2009-10-14 21:34 - 00000000 ____D () C:\Documents and Settings\admin\Plocha
2015-04-03 17:03 - 2009-10-14 21:34 - 00000000 ___HD () C:\Documents and Settings\admin\Local Settings\Data aplikací
2015-04-03 17:02 - 2001-10-25 15:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-04-03 16:59 - 2009-10-14 23:14 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2015-04-03 16:59 - 2009-10-14 23:13 - 00000275 _____ () C:\WINDOWS\wiadebug.log
2015-04-03 16:59 - 2009-10-14 21:34 - 00032448 _____ () C:\WINDOWS\SchedLgU.Txt
2015-04-03 16:59 - 2009-10-14 21:34 - 00000272 ___SH () C:\Documents and Settings\admin\ntuser.ini
2015-04-03 16:59 - 2009-10-14 21:34 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-03 16:59 - 2009-10-14 21:24 - 01089399 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-03 16:55 - 2013-09-25 19:28 - 00000000 ____D () C:\Documents and Settings\admin\Data aplikací\Seznam.cz
2015-04-03 16:50 - 2014-11-20 18:56 - 00000278 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-602162358-1500820517-725345543-1003.job
2015-04-03 16:50 - 2014-03-30 23:25 - 00000222 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-04-03 16:50 - 2013-09-25 19:27 - 00000000 _____ () C:\WINDOWS\system32\sinstall.log
2015-04-03 16:50 - 2012-03-30 12:39 - 00000278 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-602162358-1500820517-725345543-1003.job
2015-04-03 16:50 - 2010-06-15 21:28 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-03 16:48 - 2014-07-06 14:11 - 00034979 _____ () C:\WINDOWS\setupapi.log
2015-04-03 16:38 - 2010-06-15 21:28 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-29 21:17 - 2012-02-12 20:00 - 00006366 _____ () C:\WINDOWS\system32\AppLog.log
2015-03-29 21:17 - 2012-02-12 02:21 - 00000274 _____ () C:\WINDOWS\Tasks\RMSchedule.job
2015-03-29 21:17 - 2012-02-12 02:21 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\TEMP
2015-03-29 21:15 - 2011-05-20 21:21 - 00001026 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1500820517-725345543-1003UA.job
2015-03-29 18:15 - 2011-05-20 21:21 - 00000974 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1500820517-725345543-1003Core.job
2015-03-28 16:50 - 2010-07-23 06:37 - 00000000 ____D () C:\Documents and Settings\admin\Data aplikací\HpUpdate
2015-03-28 16:50 - 2009-10-15 11:02 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\HP
2015-03-23 20:30 - 2009-10-14 22:23 - 00002561 _____ () C:\Documents and Settings\admin\Plocha\Microsoft Office Word 2003.lnk
2015-03-23 20:12 - 2009-10-14 22:24 - 00002517 _____ () C:\Documents and Settings\admin\Plocha\Microsoft Office Excel 2003.lnk
2015-03-23 19:48 - 2014-09-24 19:44 - 00002283 _____ () C:\Documents and Settings\All Users\Plocha\Skype.lnk
2015-03-19 23:58 - 2009-10-30 15:51 - 00000000 ____D () C:\Documents and Settings\admin\Data aplikací\Skype
2015-03-17 21:23 - 2014-12-03 22:05 - 00000000 ____D () C:\Documents and Settings\admin\Dokumenty\Osobní
2015-03-17 20:15 - 2009-10-14 23:10 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-03-16 22:11 - 2009-10-14 21:34 - 00000000 ___RD () C:\Documents and Settings\admin\Dokumenty
2015-03-10 22:47 - 2013-08-14 17:19 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-10 22:36 - 2009-11-09 09:21 - 119837696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-10 22:36 - 2009-10-14 21:34 - 00000000 ____D () C:\Documents and Settings\admin
2015-03-08 19:53 - 2009-10-14 21:21 - 00057235 _____ () C:\WINDOWS\wmsetup.log
2015-03-08 18:35 - 2009-09-02 17:27 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini

==================== Files in the root of some directories =======

2010-11-03 12:33 - 2010-10-20 16:00 - 0695296 _____ (AnjoCaido) C:\Documents and Settings\admin\Data aplikací\MinecraftSP.exe
2010-05-20 16:53 - 2012-09-02 21:54 - 0011091 _____ () C:\Documents and Settings\admin\Data aplikací\SmarThruOptions.xml
2012-08-13 23:40 - 2012-08-13 23:48 - 0093701 _____ () C:\Documents and Settings\admin\Data aplikací\Uninstal.exe
2009-09-02 17:27 - 2014-07-26 23:11 - 0008192 _____ () C:\Documents and Settings\admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-10-15 13:27 - 2009-10-15 13:27 - 0000125 _____ () C:\Documents and Settings\admin\Local Settings\Data aplikací\fusioncache.dat

Some content of TEMP:
====================
C:\Documents and Settings\admin\Local Settings\Temp\RtkBtMnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\admin\Plocha" je 3849 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"="C:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe:*:Enabled:hpofxs08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe:*:Enabled:hpqfxt08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"="C:\\Program Files\\HP\\HP Software Update\\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"="C:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"="C:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe:*:Enabled:Pando Media Booster"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\HP1006MC.EXE"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\HP1006MC.EXE:*:Enabled:SMLMProxy Module - HP1006MC.EXE"
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\\WINDOWS\\twain_32\\Samsung\\ScanMgr.exe"="C:\\WINDOWS\\twain_32\\Samsung\\ScanMgr.exe:*:Enabled:Scan Manger"
"C:\\WINDOWS\\twain_32\\Samsung\\SCX4600\\Scan2Pc.exe"="C:\\WINDOWS\\twain_32\\Samsung\\SCX4600\\Scan2Pc.exe:*:Enabled:ScanToPC"
"C:\\WINDOWS\\twain_32\\Samsung\\SCX4600\\Sscan2io.exe"="C:\\WINDOWS\\twain_32\\Samsung\\SCX4600\\Sscan2io.exe:*:Enabled:SScanToIO"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"="C:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe:*:Enabled:hpofxs08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe:*:Enabled:hpqfxt08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"="C:\\Program Files\\HP\\HP Software Update\\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"="C:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\\Program Files\\Common Files\\soft602\\langserv.exe"="C:\\Program Files\\Common Files\\soft602\\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\\Far Cry\\Bin32\\FarCry.exe"="C:\\Far Cry\\Bin32\\FarCry.exe:*:Disabled:Far Cry"
"C:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"="C:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe:*:Enabled:Pando Media Booster"
"C:\\Documents and Settings\\admin\\Local Settings\\Data aplikac�\\Google\\Chrome\\Application\\chrome.exe"="C:\\Documents and Settings\\admin\\Local Settings\\Data aplikac�\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"56964:TCP"="56964:TCP:*:Enabled:Pando Media Booster"
"56964:UDP"="56964:UDP:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"56964:TCP"="56964:TCP:*:Enabled:Pando Media Booster"
"56964:UDP"="56964:UDP:*:Enabled:Pando Media Booster"
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Děkuji, přidávám požadovaný log (jen pro informaci, nod32 po restartu opět ohlásil infiltraci paprasem.dr).


# AdwCleaner v4.200 - Log vytvooen 03/04/2015 v 19:18:38
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Local]
# Operaení system : Microsoft Windows XP Service Pack 3 (x86)
# Uživatelské jméno : admin - OEM
# Spuštino z : C:\Documents and Settings\admin\Plocha\adwcleaner_4.200.exe
# Nastavení : Eištiní

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Documents and Settings\admin\Data aplikací\HPAppData
Složka Smazáno : C:\Documents and Settings\admin\Data aplikací\registry mechanic
Složka Smazáno : C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\fqd0evpd.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Soubor Smazáno : C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor Smazáno : C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíe Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Klíe Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klíe Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Klíe Smazáno : HKCU\Software\YahooPartnerToolbar
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HandyUpdater

***** [ Prohlížeee ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v


-\\ Google Chrome v

[C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : bopakagnckmlgajfccecajhnimjiiedh

*************************

AdwCleaner[R0].txt - [1962 bytu] - [03/04/2015 19:17:10]
AdwCleaner[S0].txt - [1876 bytu] - [03/04/2015 19:18:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1934 bytu] ##########

Dejte nový log FRST.

Omlouvám se za prodlevu. Log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by admin (administrator) on OEM on 03-04-2015 20:40:54
Running from C:\Documents and Settings\admin\Plocha
Loaded Profiles: admin (Available profiles: admin)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(forum.viry.cz) C:\Documents and Settings\admin\Plocha\FRSTLauncher.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16132608 2007-05-29] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-06-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2007-08-22] (Hewlett-Packard)
HKLM\...\Run: [Samsung PanelMgr] => C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [614400 2009-08-14] ()
HKLM\...\Run: [4600 Scan2PC] => C:\WINDOWS\Twain_32\Samsung\SCX4600\Scan2pc.exe [1968640 2009-09-10] ()
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [3117344 2012-03-07] (ESET)
HKLM\...\Run: [Print2PDF Print Monitor] => C:\Program Files\Software602\Print2PDF\Print2PDF.exe [220992 2011-10-04] (Software602)
HKLM\...\Run: [TkBellExe] => C:\program files\real\realplayer\update\realsched.exe [295512 2013-09-18] (RealNetworks, Inc.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [147456 2007-01-15] (Nero AG)
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-06-15] (Google Inc.)
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [Google Update] => C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [107912 2014-11-04] (Google Inc.)
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\admin\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\admin\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [LokivOmuhi] => regsvr32.exe "C:\Documents and Settings\All Users\Data aplikací\LokivOmuhi\JohqOkti.oll"
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-602162358-1500820517-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-602162358-1500820517-725345543-1003\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {4984622D-5AFF-44EF-B4EA-94A47A65B8AC} URL = http://tv.seznam.cz/hledej?w={searchTer ... ckSearch_5
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {551B8A20-177E-4321-99EA-4D6BFEE34AE6} URL = http://search.seznam.cz/?q={searchTerms ... ckSearch_5
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {6521DD8D-89E1-4DA4-970D-3496E6F31FF5} URL = http://slovnik.seznam.cz/?q={searchTerm ... ckSearch_5
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {68ef2fc2-5408-4845-8746-b90505c528dd} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... ckSearch_5
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {787F0EDB-67F7-4241-87BB-5BC9403BD58E} URL = http://www.novinky.cz/hledej?w={searchT ... ckSearch_5
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {7D8B9D82-4AD2-4CB5-ACC6-D96FDEFF2CB4} URL = http://encyklopedie.seznam.cz/search?q= ... ckSearch_5
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {aaa1ba04-fff0-4577-bd1a-7c25c1069bd4} URL = http://www.mapy.cz/?query={searchTerms} ... ckSearch_5
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {b78bbc0b-162c-450b-a658-cdb1dca97bdd} URL = http://www.firmy.cz/?q={searchTerms}&so ... ckSearch_5
SearchScopes: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> {BA310ABC-F44E-4DB1-9618-22EAA3D9799B} URL = http://slovnik.seznam.cz/?q={searchTerm ... ckSearch_5
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-01] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05] (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2E3D0CD7-D389-4DED-A292-74DB987CC4C8}: [NameServer] 101.54.230.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\fqd0evpd.default
FF Homepage: hxxp://www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2014-07-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2011-11-22] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.5.1 -> C:\WINDOWS\system32\npDeployJava1.dll [2012-07-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [2012-07-05] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-09-21] (Pando Networks)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-09-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-09-18] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-602162358-1500820517-725345543-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-602162358-1500820517-725345543-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-602162358-1500820517-725345543-1003: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-09-21] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2009-10-14] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2003-07-15] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2010-04-04] (Adobe Systems Inc.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [2009-10-14]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-07-23]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-10]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-18]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-19]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-05-22]
FF HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-10-14]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=5
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\admin\Local Settings\Data aplikacĂ­\Google\Chrome\Application\41.0.2272.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\admin\Local Settings\Data aplikacĂ­\Google\Chrome\Application\41.0.2272.101\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\admin\Local Settings\Data aplikacĂ­\Google\Chrome\Application\41.0.2272.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Skype Toolbars) - C:\Documents and Settings\admin\Local Settings\Data aplikacĂ­\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikacĂ­\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikacĂ­\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll No File
CHR Plugin: (Google Update) - C:\Documents and Settings\admin\Local Settings\Data aplikacĂ­\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll No File
CHR Plugin: (Software602 Form Filler) - C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Profile: C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Seznam Lištička - Email) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2013-09-25]
CHR Extension: (Seznam Lištička - Slovník) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2013-09-25]
CHR Extension: (YouTube) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-20]
CHR Extension: (Google Search) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-20]
CHR Extension: (RealDownloader) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-09-18]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-06-06]
CHR Extension: (AT_CathKidston) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndlpkmaeinmnbiadacenijnhlolneopm [2011-05-20]
CHR Extension: (Google Wallet) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-02-11]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2013-09-25]
CHR Extension: (Gmail) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-20]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-09-16]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
StartMenuInternet: chrome.exe - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [913144 2012-03-07] (ESET)
S2 JavaQuickStarterService; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [161704 2012-07-05] (Oracle Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed]
S3 NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [266240 2007-01-15] (Nero AG) [File not signed]
S2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2012-01-04] (PC Tools)
S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed]
S2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)
S2 ssinstall; C:\WINDOWS\System32\ssins.exe [2324216 2013-10-02] (PS Media s.r.o.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [38400 2009-02-16] (Samsung Electronics Co., Ltd.) [File not signed]
S1 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [160816 2012-03-14] (ESET)
S1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [120152 2012-03-14] (ESET)
S1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [104160 2012-03-14] (ESET)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-11-01] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-11-01] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-11-01] (HP)
S3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [210688 2007-03-01] (Conexant Systems, Inc.)
S3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [988032 2007-03-01] (Conexant Systems, Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [3636864 2008-11-17] (Intel Corporation)
S3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S2 SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [X]
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-03 20:40 - 2015-04-03 20:41 - 00026473 _____ () C:\Documents and Settings\admin\Plocha\FRST.txt
2015-04-03 20:40 - 2015-04-03 20:40 - 00029696 _____ () C:\Documents and Settings\admin\Local Settings\Data aplikací\MSGBOX.EXE
2015-04-03 20:40 - 2015-04-03 20:40 - 00015327 _____ () C:\Documents and Settings\admin\Plocha\LM.bat
2015-04-03 19:17 - 2015-04-03 19:18 - 00000000 ____D () C:\AdwCleaner
2015-04-03 19:16 - 2015-04-03 19:14 - 02208768 _____ () C:\Documents and Settings\admin\Plocha\adwcleaner_4.200.exe
2015-04-03 17:05 - 2015-04-03 17:08 - 00044119 _____ () C:\Documents and Settings\admin\Plocha\FRST_1.txt
2015-04-03 17:04 - 2015-04-03 20:41 - 00000000 ____D () C:\FRST
2015-04-03 16:53 - 2015-04-02 15:59 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\admin\Plocha\FRSTLauncher.exe
2015-04-03 16:53 - 2015-04-02 15:54 - 01135104 _____ (Farbar) C:\Documents and Settings\admin\Plocha\FRST.exe
2015-03-28 16:50 - 2015-03-28 16:50 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2015-03-17 20:15 - 2015-03-17 20:15 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\LokivOmuhi

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-03 20:41 - 2009-10-14 21:34 - 00000000 ____D () C:\Documents and Settings\admin\Local Settings\Temp
2015-04-03 20:40 - 2009-10-14 21:34 - 00000000 ___HD () C:\Documents and Settings\admin\Local Settings\Data aplikací
2015-04-03 20:40 - 2009-10-14 21:34 - 00000000 ____D () C:\Documents and Settings\admin\Plocha
2015-04-03 20:40 - 2001-10-25 15:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-04-03 20:38 - 2010-06-15 21:28 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-03 20:38 - 2009-10-14 23:13 - 00000275 _____ () C:\WINDOWS\wiadebug.log
2015-04-03 20:38 - 2009-10-14 21:34 - 00032448 _____ () C:\WINDOWS\SchedLgU.Txt
2015-04-03 20:38 - 2009-10-14 21:34 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-03 20:38 - 2009-10-14 21:24 - 01102141 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-03 20:37 - 2009-10-14 21:34 - 00000272 ___SH () C:\Documents and Settings\admin\ntuser.ini
2015-04-03 20:36 - 2014-11-20 18:56 - 00000278 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-602162358-1500820517-725345543-1003.job
2015-04-03 20:36 - 2014-03-30 23:25 - 00000222 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-04-03 20:36 - 2013-09-25 19:27 - 00000000 _____ () C:\WINDOWS\system32\sinstall.log
2015-04-03 20:36 - 2012-03-30 12:39 - 00000278 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-602162358-1500820517-725345543-1003.job
2015-04-03 20:36 - 2010-06-15 21:28 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-03 20:36 - 2009-10-14 23:14 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2015-04-03 20:17 - 2011-05-20 21:21 - 00001026 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1500820517-725345543-1003UA.job
2015-04-03 19:25 - 2013-09-25 19:28 - 00000000 ____D () C:\Documents and Settings\admin\Data aplikací\Seznam.cz
2015-04-03 19:23 - 2009-10-14 23:11 - 01057130 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-03 19:18 - 2009-10-14 21:34 - 00000000 __RHD () C:\Documents and Settings\admin\Data aplikací
2015-04-03 16:48 - 2014-07-06 14:11 - 00034979 _____ () C:\WINDOWS\setupapi.log
2015-03-29 21:17 - 2012-02-12 20:00 - 00006366 _____ () C:\WINDOWS\system32\AppLog.log
2015-03-29 21:17 - 2012-02-12 02:21 - 00000274 _____ () C:\WINDOWS\Tasks\RMSchedule.job
2015-03-29 21:17 - 2012-02-12 02:21 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\TEMP
2015-03-29 18:15 - 2011-05-20 21:21 - 00000974 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1500820517-725345543-1003Core.job
2015-03-28 16:50 - 2010-07-23 06:37 - 00000000 ____D () C:\Documents and Settings\admin\Data aplikací\HpUpdate
2015-03-28 16:50 - 2009-10-15 11:02 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\HP
2015-03-23 20:30 - 2009-10-14 22:23 - 00002561 _____ () C:\Documents and Settings\admin\Plocha\Microsoft Office Word 2003.lnk
2015-03-23 20:12 - 2009-10-14 22:24 - 00002517 _____ () C:\Documents and Settings\admin\Plocha\Microsoft Office Excel 2003.lnk
2015-03-23 19:48 - 2014-09-24 19:44 - 00002283 _____ () C:\Documents and Settings\All Users\Plocha\Skype.lnk
2015-03-19 23:58 - 2009-10-30 15:51 - 00000000 ____D () C:\Documents and Settings\admin\Data aplikací\Skype
2015-03-17 21:23 - 2014-12-03 22:05 - 00000000 ____D () C:\Documents and Settings\admin\Dokumenty\Osobní
2015-03-17 20:15 - 2009-10-14 23:10 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-03-16 22:11 - 2009-10-14 21:34 - 00000000 ___RD () C:\Documents and Settings\admin\Dokumenty
2015-03-10 22:47 - 2013-08-14 17:19 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-10 22:36 - 2009-11-09 09:21 - 119837696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-10 22:36 - 2009-10-14 21:34 - 00000000 ____D () C:\Documents and Settings\admin
2015-03-08 19:53 - 2009-10-14 21:21 - 00057235 _____ () C:\WINDOWS\wmsetup.log
2015-03-08 18:35 - 2009-09-02 17:27 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini

==================== Files in the root of some directories =======

2010-11-03 12:33 - 2010-10-20 16:00 - 0695296 _____ (AnjoCaido) C:\Documents and Settings\admin\Data aplikací\MinecraftSP.exe
2010-05-20 16:53 - 2012-09-02 21:54 - 0011091 _____ () C:\Documents and Settings\admin\Data aplikací\SmarThruOptions.xml
2012-08-13 23:40 - 2012-08-13 23:48 - 0093701 _____ () C:\Documents and Settings\admin\Data aplikací\Uninstal.exe
2009-09-02 17:27 - 2014-07-26 23:11 - 0008192 _____ () C:\Documents and Settings\admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-10-15 13:27 - 2009-10-15 13:27 - 0000125 _____ () C:\Documents and Settings\admin\Local Settings\Data aplikací\fusioncache.dat
2015-04-03 20:40 - 2015-04-03 20:40 - 0029696 _____ () C:\Documents and Settings\admin\Local Settings\Data aplikací\MSGBOX.EXE

Some content of TEMP:
====================
C:\Documents and Settings\admin\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\admin\Local Settings\Temp\RtkBtMnt.exe
C:\Documents and Settings\admin\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-06-15] (Google Inc.)
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [LokivOmuhi] => regsvr32.exe "C:\Documents and Settings\All Users\Data aplikací\LokivOmuhi\JohqOkti.oll"
c:\Documents and Settings\All Users\Data aplikací\LokivOmuhi
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
C:\Program Files\McAfee Security Scan
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
C:\Program Files\Google\GoogleToolbarNotifier
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
CHR Plugin: (Skype Toolbars) - C:\Documents and Settings\admin\Local Settings\Data aplikacĂ­\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikacĂ­\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikacĂ­\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll No File
CHR Plugin: (Google Update) - C:\Documents and Settings\admin\Local Settings\Data aplikacĂ­\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll No File
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)
U1 WS2IFSL; No ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1500820517-725345543-1003UA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1500820517-725345543-1003Core.job
C:\Documents and Settings\admin\Local Settings\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Výpis z Fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by admin at 2015-04-03 21:44:55 Run:1
Running from C:\Documents and Settings\admin\Plocha
Loaded Profiles: admin (Available profiles: admin)
Boot Mode: Safe Mode (minimal)

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-06-15] (Google Inc.)
HKU\S-1-5-21-602162358-1500820517-725345543-1003\...\Run: [LokivOmuhi] => regsvr32.exe "C:\Documents and Settings\All Users\Data aplikací\LokivOmuhi\JohqOkti.oll"
c:\Documents and Settings\All Users\Data aplikací\LokivOmuhi
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
C:\Program Files\McAfee Security Scan
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-602162358-1500820517-725345543-1003 -> No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
C:\Program Files\Google\GoogleToolbarNotifier
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
CHR Plugin: (Skype Toolbars) - C:\Documents and Settings\admin\Local Settings\Data aplikacĂ­\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikacĂ­\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikacĂ­\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll No File
CHR Plugin: (Google Update) - C:\Documents and Settings\admin\Local Settings\Data aplikacĂ­\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll No File
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)
U1 WS2IFSL; No ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1500820517-725345543-1003UA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1500820517-725345543-1003Core.job
C:\Documents and Settings\admin\Local Settings\Temp
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck => value deleted successfully.
HKU\S-1-5-21-602162358-1500820517-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\swg => value deleted successfully.
HKU\S-1-5-21-602162358-1500820517-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\LokivOmuhi => value deleted successfully.
c:\Documents and Settings\All Users\Data aplikací\LokivOmuhi => Moved successfully.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk => Moved successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => Key deleted successfully.
"HKCR\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => Key deleted successfully.
C:\Program Files\McAfee Security Scan => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}" => Key deleted successfully.
"HKCR\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}" => Key deleted successfully.
HKU\S-1-5-21-602162358-1500820517-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key deleted successfully.
HKU\S-1-5-21-602162358-1500820517-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} => value deleted successfully.
HKCR\CLSID\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} => Key not found.
C:\Program Files\Google\GoogleToolbarNotifier => Moved successfully.
"HKCR\PROTOCOLS\Handler\skype-ie-addon-data" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
C:\Documents and Settings\admin\Local Settings\Data aplikacĂ­\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll not found.
C:\Documents and Settings\All Users\Data aplikacĂ­\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll not found.
C:\Documents and Settings\All Users\Data aplikacĂ­\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll not found.
C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll => Moved successfully.
C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll not found.
C:\Documents and Settings\admin\Local Settings\Data aplikacĂ­\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji" => Key deleted successfully.
C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx => Moved successfully.
McComponentHostService => Service deleted successfully.
Skype C2C Service => Service deleted successfully.
WS2IFSL => Service deleted successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1500820517-725345543-1003UA.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1500820517-725345543-1003Core.job => Moved successfully.
C:\Documents and Settings\admin\Local Settings\Temp => Moved successfully.

==== End of Fixlog 21:45:31 ====

Smazáno. Nastala nějaká změna?

Děkuji, antivir nic nehlásí a prohlížeč jde také spustit. Vše vypadá v pořádku. Je potřeba provést ještě něco?

Pouze odinstalovat ADW kliknutím na uninstall a smazat FRST.

Provedeno. Děkuji mnohokrát

Rádo se stalo!