VIRY.CZ

Dobrý den,

obdržel jsem e-mail, tvářící se jako e-mail od společnosti DHL Logistik.
Jako již několikrát obezřetný jsem otevřel odkaz, ve kterém byl samozřejmě zip soubor.
Od této chvíle mi Nod 32 křičí infiltrace, denně již zachytává okolo 250. Již několikrát tímto
antivirem skenováno, ale pořád stejný problém s infiltracemi.

Můžete mi prosím poradit?

Děkuji

Petr O.

Zdravim

Dejte na uvod log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-05-2015 01
Ran by Oliva (administrator) on KARELHOM on 28-05-2015 10:10:19
Running from C:\Documents and Settings\Oliva\Plocha
Loaded Profiles: Oliva (Available Profiles: Oliva & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(ABBYY (BIT Software)) C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(SafeNet, Inc.) C:\WINDOWS\system32\dklog.exe
(SafeNet, Inc.) C:\WINDOWS\system32\dkvcm.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Miloslav Novotny N+P) C:\Program Files\PCNetSoftware\RAC Server\RACs.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(SafeNet, Inc.) C:\WINDOWS\system32\dkcktkn.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\loggingserver.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Canon Inc.) C:\Program Files\Canon\CAL\CALMAIN.exe
(Chicony) C:\WINDOWS\mHotkey.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
() C:\Program Files\SafeNet\BSecClient\AXMonitor.exe
(SafeNet, Inc.) C:\Program Files\SafeNet\BSecClient\dkAutoReg.exe
(SEIKO EPSON CORPORATION) C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
() C:\Program Files\GIGABYTE\GIGABYTE Sim Series7\Mouse.exe
(Michel Krämer) C:\Program Files\Spamihilator\spamihilator.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Software602) C:\Program Files\Software602\Print2PDF\Print2PDF.exe
(RealNetworks, Inc.) C:\Program Files\real\realplayer\Update\realsched.exe
(Hewlett-Packard Company) C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Hewlett-Packard Company) C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
() C:\WINDOWS\twain_32\A3PRO18U16K\SrvMod.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(CANON INC.) C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPM4LAK.EXE
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(C. Ghisler & Co.) C:\Program Files\TC UP\TOTALCMD.EXE
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corp.) C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
(Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
(Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
(Flash ) C:\DOCUME~1\Oliva\LOCALS~1\Temp\1BA3.tmp
(Flash ) C:\DOCUME~1\Oliva\LOCALS~1\Temp\1BA1.tmp
(Flash ) C:\DOCUME~1\Oliva\LOCALS~1\Temp\5D3C.tmp
(Flash ) C:\DOCUME~1\Oliva\LOCALS~1\Temp\6084.tmp


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CHotkey] => C:\WINDOWS\mHotkey.exe [473600 2002-08-02] (Chicony)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16860672 2007-12-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2029640 2009-04-09] (ESET)
HKLM\...\Run: [DkStartup] => C:\Program Files\SafeNet\BSecClient\dkstartup.exe [49152 2007-09-13] (SafeNet, Inc.)
HKLM\...\Run: [AxMonitor] => C:\Program Files\SafeNet\BSecClient\axmonitor.exe [450560 2007-09-13] ()
HKLM\...\Run: [DkAutoReg] => C:\Program Files\SafeNet\BSecClient\DkAutoReg.exe [253952 2007-09-13] (SafeNet, Inc.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [GIGABYTEMOUSE] => C:\Program Files\GIGABYTE\GIGABYTE Sim Series7\Mouse.exe [1278464 2009-11-26] ()
HKLM\...\Run: [Spamihilator] => C:\Program Files\Spamihilator\spamihilator.exe [716800 2007-08-17] (Michel Krämer)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2510784 2015-05-14] ()
HKLM\...\Run: [Print2PDF Print Monitor] => C:\Program Files\Software602\Print2PDF\Print2PDF.exe [220992 2011-10-04] (Software602)
HKLM\...\Run: [TkBellExe] => C:\program files\real\realplayer\update\realsched.exe [295512 2013-09-20] (RealNetworks, Inc.)
HKLM\...\Run: [StatusAlerts] => C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM\...\Run: [ToolboxFX] => C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe [58936 2010-10-25] (Hewlett-Packard Company)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434528 2006-10-26] (Microsoft Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2009-02-25] (ATI Technologies Inc.)
Winlogon\Notify\DkWLNP: C:\WINDOWS\system32\DkWLNP.dll [2007-09-13] (SafeNet, Inc.)
Winlogon\Notify\RACServerLogon: C:\WINDOWS\system32\RACServerLogon2.dll [2007-09-11] (Miloslav Novotny N+P)
HKU\S-1-5-21-1078081533-725345543-682003330-1004\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-1078081533-725345543-682003330-1004\...\Run: [Mail Box Dispatcher] => C:\Program Files\Mail Box Dispatcher 2\mboxd2.exe [585728 2004-11-29] (anti-spam-tools.com)
HKU\S-1-5-21-1078081533-725345543-682003330-1004\...\Run: [XNeat Windows Manager] => C:\Program Files\XNeat Windows Manager\xnViewer.exe [77824 2008-03-04] ()
HKU\S-1-5-21-1078081533-725345543-682003330-1004\...\MountPoints2: ##smbmukl#epis - P:\cont32.exe data\menuepis.ctx
HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony)
HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\Run: [4e267444e7f500b047203ef5f10ec498] => C:\Documents and Settings\Oliva\Local Settings\Data aplikací\4e267444e7f500b047203ef5f10ec498.exe [132889 2015-05-28] (Flash )
HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\MountPoints2: ##192.168.1.100#epis - P:\cont32.exe data\menuepis.ctx
HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\MountPoints2: ##Nasmuklipa#epis - P:\cont32.exe data\menuepis.ctx
HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\MountPoints2: ##Smbmukl#EPIS - P:\cont32.exe data\menuepis.ctx
HKU\S-1-5-21-1078081533-725345543-682003330-1007\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\sstext3d.scr [679936 2008-04-14] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\SrvMod.lnk [2009-06-18]
ShortcutTarget: SrvMod.lnk -> C:\WINDOWS\twain_32\A3PRO18U16K\SrvMod.exe ()
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Stavové okno Canon iR1510-1670.LNK [2010-01-25]
ShortcutTarget: Stavové okno Canon iR1510-1670.LNK -> C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPM4LAK.EXE (CANON INC.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk [2011-01-28]
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
Startup: C:\Documents and Settings\Homolka\Nabídka Start\Programy\Po spuštění\Zástupce - mHotkey.exe.lnk [2009-06-11]
ShortcutTarget: Zástupce - mHotkey.exe.lnk -> C:\WINDOWS\mHotkey.exe (Chicony)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2008-02-10] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-1078081533-725345543-682003330-1004] => 127.0.0.1:8081
HKU\S-1-5-21-1078081533-725345543-682003330-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.czregion.cz/krasna-lipa
HKU\S-1-5-21-1078081533-725345543-682003330-1007\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://search.phpnuke.org/?lang=en&cid=457c4dfc" <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1078081533-725345543-682003330-1007 -> {3F9364D5-7DD6-440D-A817-4358C9BA2039} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKU\S-1-5-21-1078081533-725345543-682003330-1007 -> {4734152C-AAB5-4932-92F0-55ABF972C1C4} URL = http://search.phpnuke.org/?lang=en&cid= ... earchTerms}
SearchScopes: HKU\S-1-5-21-1078081533-725345543-682003330-1007 -> {8E0C922A-C7B4-4AA1-A495-77AC7ED32FA4} URL = http://websearch.ask.com/redirect?clien ... 27B1392266
SearchScopes: HKU\S-1-5-21-1078081533-725345543-682003330-1007 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={8B0B ... 2012-10-05 10:20:06&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO: phpnuke Helper Object -> {890CA547-B66C-48BF-9663-DBE0BFDC7D0C} -> C:\Program Files\phpnuke\phpnuke\1.8.16.4\bh\phpnuke.dll [2013-03-01] (PHPNuke.org)
BHO: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30] (Microsoft Corporation)
BHO: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll [2015-05-14] (AVG Secure Search)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll [2015-05-14] (AVG Secure Search)
Toolbar: HKLM - phpnuke Toolbar - {7B206A1E-933F-4A50-9E60-5167598BDB03} - C:\Program Files\phpnuke\phpnuke\1.8.16.4\phpnukeTlbr.dll [2013-03-01] (PHPNuke.org)
Toolbar: HKU\S-1-5-21-1078081533-725345543-682003330-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-1078081533-725345543-682003330-1007 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-1078081533-725345543-682003330-1007 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} http://10.162.35.152/RtspVaPgDec.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {971FC730-55F1-461F-83FD-B3BF5E1F039E} http://192.168.1.199/AVC_AX_742.cab
DPF: {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} http://83.208.160.241:5000/HiDvrOcx.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.5.0\ViProtocol.dll [2015-05-14] (AVG Secure Search)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 193.85.1.100 193.85.2.100

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x
FF SearchEngineOrder.1: Search The Web (phpnuke)
FF Homepage: seznam.cz
FF Keyword.URL: hxxp://search.phpnuke.org/?lang=en&cid=457c4dfc&q=
FF NetworkProxy: "http", "localhost"
FF NetworkProxy: "http_port", 4001
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-27] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2009-01-16] (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.5.0\\npsitesafety.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-09-20] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-09-20] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @research.microsoft.com/HDView -> C:\Program Files\Microsoft Research\HD View\nphdview.dll [2009-07-13] (Microsoft Research)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin: synology.com/SurveillancePlugin -> C:\Program Files\Synology\SurveillancePlugin\1.0.0.565\npSurveillancePlugin.dll [2015-01-29] (Synology)
FF Plugin HKU\S-1-5-21-1078081533-725345543-682003330-1004: @tools.google.com/Google Update;version=8 -> C:\Documents and Settings\Homolka\Local Settings\Data aplikací\Google\Update\1.2.183.17\npGoogleOneClick8.dll [2010-02-25] (Google Inc.)
FF user.js: detected! => C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\sh6j85k2.default\user.js [2013-03-07]
FF user.js: detected! => C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\user.js [2013-03-07]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll [2009-01-16] (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2013-09-20] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2013-09-20] (RealPlayer)
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\sh6j85k2.default\searchplugins\phpnuke.xml [2013-03-07]
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\askcom.xml [2012-05-04]
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\hyperwords.xml [2009-07-23]
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\liquid-words.xml [2012-04-03]
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\mapycz.xml [2012-03-28]
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\phpnuke.xml [2013-03-07]
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\zbocz.xml [2012-03-28]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2015-05-14]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\sh6j85k2.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009-11-30]
FF Extension: FEBE - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\sh6j85k2.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2009-12-02]
FF Extension: Český slovník pro kontrolu pravopisu - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\cs@dictionaries.addons.mozilla.org [2014-11-10]
FF Extension: ColorfulTabs - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-05-27]
FF Extension: Linkification - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a} [2010-06-18]
FF Extension: FEBE - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2015-05-21]
FF Extension: Liquid Words - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{9A752782-D706-479b-98F8-3F66BF921692} [2012-04-30]
FF Extension: SearchPreview - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2015-03-16]
FF Extension: FireGestures - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\firegestures@xuldev.org.xpi [2011-10-10]
FF Extension: Google Translator for Firefox - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\translator@zoli.bod.xpi [2013-01-17]
FF Extension: Download Statusbar - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-11-03]
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2015-05-18]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-05-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-23]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\FireFoxExt\18.5.0.909
FF Extension: AVG Security Toolbar - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\FireFoxExt\18.5.0.909 [2015-05-14]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-20]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-05-04]

Chrome:
=======
CHR Profile: C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (PhpNuke Chrome Toolbar) - C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cngompmodgafkkffefbfbghhciijojjh [2013-03-07]
CHR Extension: (RealDownloader) - C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-08-06]
CHR Extension: (AVG Security Toolbar) - C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-08-06]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-06]
CHR HKLM\...\Chrome\Extension: [cngompmodgafkkffefbfbghhciijojjh] - C:\Program Files\phpnuke\phpnuke\1.8.16.4\phpnuke.crx [2013-03-01]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-04-29]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY (BIT Software))
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-02-25] () [File not signed]
R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96370 2007-01-31] (Canon Inc.) [File not signed]
R2 DkLogger; C:\WINDOWS\system32\dklog.exe [106496 2007-09-13] (SafeNet, Inc.) [File not signed]
R2 DkTknSrv; C:\WINDOWS\system32\dkcktkn.exe [737280 2007-09-13] (SafeNet, Inc.) [File not signed]
R2 DkVcm; C:\WINDOWS\system32\dkvcm.exe [122880 2007-09-13] (SafeNet, Inc.) [File not signed]
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [20680 2009-04-09] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [731840 2009-04-09] (ESET)
S3 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [45568 2011-04-13] (Hewlett-Packard) [File not signed]
R2 PCNetSoftware RAC Server; C:\Program Files\PCNetSoftware\RAC Server\RACs.exe [3186688 2009-07-08] (Miloslav Novotny N+P) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [55808 2011-04-13] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [621056 2009-03-04] (Nokia.) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
R2 vToolbarUpdater18.5.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe [1812416 2015-05-14] (AVG Secure Search)
S2 XAMPP; C:\xampplite\service.exe [60928 2006-10-23] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [16877 2002-07-17] (Adaptec)
R2 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [113960 2009-04-09] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [107256 2009-04-09] (ESET)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [94360 2009-04-09] (ESET)
R1 HWiNFO32; E:\Downloads\hwinfo32\HWiNFO32.SYS [19064 2009-07-16] (REALiX(tm))
R3 iKeyEnum; C:\WINDOWS\System32\DRIVERS\ikeyenum.sys [11616 2011-08-05] (SafeNet, Inc.)
R3 iKeyIFD; C:\WINDOWS\System32\DRIVERS\ikeyifd.sys [18080 2011-08-05] (SafeNet, Inc.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-14] ()
R3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2009-03-23] (VSO Software) [File not signed]
R1 PQNTDrv; C:\WINDOWS\system32\Drivers\PQNTDrv.sys [4228 2004-05-05] (PowerQuest Corporation) [File not signed]
R2 RACDriver; C:\Program Files\PCNetSoftware\RAC Server\RACDriver.sys [8208 2007-03-20] (Miloslav Novotný N+P) [File not signed]
S3 RnbToken; C:\WINDOWS\System32\DRIVERS\rnbtoken.sys [21472 2011-08-05] (SafeNet, Inc.)
S3 s0016bus; C:\WINDOWS\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\WINDOWS\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\WINDOWS\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\WINDOWS\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\WINDOWS\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\WINDOWS\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\WINDOWS\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
S3 s1018obex; C:\WINDOWS\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [717296 2009-04-23] () [File not signed]
R1 VD_FileDisk; C:\WINDOWS\system32\Drivers\VD_FileDisk.sys [15872 2006-01-13] (Flint Incorporation) [File not signed]
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [265856 2007-08-15] (Marvell)
U3 augq11bw; C:\WINDOWS\system32\Drivers\augq11bw.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S2 adfs; No ImagePath
S4 IntelIde; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-28 10:10 - 2015-05-28 10:10 - 00033042 _____ () C:\Documents and Settings\Oliva\Plocha\FRST.txt
2015-05-28 10:09 - 2015-05-28 10:10 - 00000000 ____D () C:\FRST
2015-05-28 10:08 - 2015-05-28 10:08 - 01147392 _____ (Farbar) C:\Documents and Settings\Oliva\Plocha\FRST.exe
2015-05-28 10:03 - 2015-05-28 10:07 - 00029696 _____ () C:\Documents and Settings\Oliva\Local Settings\Data aplikací\MSGBOX.EXE
2015-05-28 10:01 - 2015-05-28 10:04 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Oliva\Plocha\FRSTLauncher.exe
2015-05-28 08:14 - 2015-05-28 08:14 - 00132889 _____ (Flash ) C:\Documents and Settings\Oliva\Local Settings\Data aplikací\4e267444e7f500b047203ef5f10ec498.exe
2015-05-27 19:56 - 2015-05-28 01:13 - 00188416 _____ () C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Adobe_User_Feed_Synchronization-{7764EE77-0M61-4F38-V100-96E2C039847L}.exe
2015-05-27 16:26 - 2015-05-27 16:26 - 00000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\6780022245.txt
2015-05-27 13:50 - 2012-04-13 09:16 - 00442779 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20150527-135007.backup
2015-05-26 17:36 - 2015-05-26 17:36 - 00000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\687809445.txt
2015-05-26 15:07 - 2015-05-26 15:07 - 00000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\87683234.txt
2015-05-18 21:34 - 2015-05-18 21:34 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-28 10:10 - 2009-12-18 11:42 - 00000000 ____D () C:\Documents and Settings\Oliva\Data aplikací\Spamihilator
2015-05-28 10:10 - 2009-11-30 09:18 - 00000000 ____D () C:\Documents and Settings\Oliva\Plocha
2015-05-28 10:10 - 2009-11-30 09:18 - 00000000 ____D () C:\Documents and Settings\Oliva\Local Settings\Temp
2015-05-28 10:07 - 2009-11-30 09:18 - 00000000 ___HD () C:\Documents and Settings\Oliva\Local Settings\Data aplikací
2015-05-28 09:33 - 2009-10-20 14:18 - 00001034 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-725345543-682003330-1004UA.job
2015-05-28 09:31 - 2011-01-20 08:11 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-28 09:19 - 2012-04-05 06:59 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-28 08:23 - 2014-06-12 08:23 - 00000370 _____ () C:\WINDOWS\Tasks\At3.job
2015-05-28 07:33 - 2009-10-20 14:18 - 00000982 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-725345543-682003330-1004Core.job
2015-05-27 20:45 - 2014-06-12 08:23 - 00000370 _____ () C:\WINDOWS\Tasks\At2.job
2015-05-27 18:33 - 2009-03-20 11:25 - 00031922 _____ () C:\WINDOWS\SchedLgU.Txt
2015-05-27 17:22 - 2009-03-20 11:21 - 01626025 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-27 16:40 - 2010-09-02 07:37 - 00000000 ____D () C:\Documents and Settings\Oliva\Dokumenty\záloha registrů
2015-05-27 16:38 - 2009-11-30 09:18 - 00000000 __RHD () C:\Documents and Settings\Oliva\Data aplikací
2015-05-27 16:36 - 2010-03-12 12:10 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2015-05-27 16:36 - 2009-11-30 09:18 - 00000000 ____D () C:\Documents and Settings\Oliva
2015-05-27 15:26 - 2014-07-04 12:52 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-05-27 14:46 - 2009-12-10 10:26 - 00003529 _____ () C:\Documents and Settings\Oliva\intlname.ols
2015-05-27 14:38 - 2014-07-23 07:27 - 00000300 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1078081533-725345543-682003330-1007.job
2015-05-27 14:38 - 2013-07-29 09:57 - 00000308 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job
2015-05-27 14:38 - 2009-03-20 11:36 - 00000520 _____ () C:\RTHDCPL_Dump.txt
2015-05-27 14:37 - 2014-03-24 10:35 - 00000222 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-05-27 14:37 - 2013-06-10 07:33 - 00000350 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2015-05-27 14:37 - 2013-06-03 16:33 - 00000350 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-05-27 14:37 - 2011-01-20 08:11 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-27 14:37 - 2009-03-20 12:13 - 00000159 ____N () C:\WINDOWS\wiadebug.log
2015-05-27 14:37 - 2009-03-20 12:13 - 00000049 ____N () C:\WINDOWS\wiaservc.log
2015-05-27 14:37 - 2009-03-20 11:25 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-27 14:33 - 2009-11-30 09:18 - 00000272 ___SH () C:\Documents and Settings\Oliva\ntuser.ini
2015-05-27 14:31 - 2014-09-01 13:39 - 00000000 ____D () C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Adobe
2015-05-27 14:30 - 2014-06-12 08:23 - 00000370 _____ () C:\WINDOWS\Tasks\At4.job
2015-05-27 14:30 - 2012-04-05 06:59 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-05-27 14:30 - 2011-05-16 07:41 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-05-27 14:17 - 2012-04-26 07:03 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-27 14:17 - 2008-04-14 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-05-27 14:16 - 2014-01-30 16:16 - 00670336 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2015-05-27 14:16 - 2009-03-20 11:25 - 00000000 ___HD () C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2015-05-27 14:10 - 2012-10-05 10:20 - 00000000 ____D () C:\Program Files\PDFCreator
2015-05-27 13:52 - 2011-01-20 08:12 - 00000682 _____ () C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2015-05-27 13:52 - 2011-01-20 08:12 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2015-05-27 13:52 - 2010-09-02 07:31 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-27 13:52 - 2010-09-02 07:31 - 00000000 ____D () C:\Documents and Settings\Oliva\Nabídka Start\Programy\CCleaner
2015-05-27 11:26 - 2009-03-20 13:59 - 00001599 _____ () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Vzdálená pomoc.lnk
2015-05-27 10:15 - 2014-06-12 08:23 - 00000370 _____ () C:\WINDOWS\Tasks\At1.job
2015-05-26 07:32 - 2009-12-02 11:02 - 00000000 ___RD () C:\Documents and Settings\Oliva\Dokumenty\Obrázky
2015-05-25 07:29 - 2013-04-17 07:45 - 00000286 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job
2015-05-21 10:02 - 2010-02-22 11:09 - 00000000 ____D () C:\Documents and Settings\Oliva\Data aplikací\ZoomBrowser EX
2015-05-21 10:01 - 2010-02-22 11:09 - 00000000 ____D () C:\Documents and Settings\Oliva\Data aplikací\CameraWindowDC
2015-05-20 09:57 - 2013-07-29 09:57 - 00000326 _____ () C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job
2015-05-14 11:28 - 2013-01-24 08:00 - 00000000 ____D () C:\WINDOWS\system32\cache
2015-05-14 11:28 - 2012-10-05 10:19 - 00000000 ____D () C:\Program Files\AVG Secure Search
2015-05-13 07:35 - 2009-04-24 08:55 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-05-13 07:34 - 2013-08-15 08:14 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-13 07:26 - 2009-03-22 16:25 - 137310008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-04 07:52 - 2015-03-07 11:11 - 00001739 _____ () C:\Documents and Settings\All Users\Plocha\Sony PC Companion 2.1.lnk
2015-05-04 07:52 - 2012-11-06 10:27 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Sony
2015-05-04 07:52 - 2009-03-20 12:10 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-05-04 07:52 - 2009-03-20 11:35 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information

==================== Files in the root of some directories =======

2013-06-27 12:03 - 2014-06-23 07:30 - 0003730 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2015-05-27 16:26 - 2015-05-27 16:26 - 0000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\6780022245.txt
2015-05-26 17:36 - 2015-05-26 17:36 - 0000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\687809445.txt
2015-05-26 15:07 - 2015-05-26 15:07 - 0000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\87683234.txt
2011-02-04 13:53 - 2011-02-04 13:53 - 0000625 _____ () C:\Documents and Settings\Oliva\Data aplikací\AutoGK.ini
2015-05-28 08:14 - 2015-05-28 08:14 - 0132889 _____ (Flash ) C:\Documents and Settings\Oliva\Local Settings\Data aplikací\4e267444e7f500b047203ef5f10ec498.exe
2015-05-27 19:56 - 2015-05-28 01:13 - 0188416 _____ () C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Adobe_User_Feed_Synchronization-{7764EE77-0M61-4F38-V100-96E2C039847L}.exe
2010-01-19 09:42 - 2013-05-22 09:20 - 0008704 _____ () C:\Documents and Settings\Oliva\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-28 10:03 - 2015-05-28 10:07 - 0029696 _____ () C:\Documents and Settings\Oliva\Local Settings\Data aplikací\MSGBOX.EXE
2011-01-21 15:29 - 2011-01-21 15:29 - 0000600 _____ () C:\Documents and Settings\Oliva\Local Settings\Data aplikací\PUTTY.RND

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job


Some files in TEMP:
====================
C:\Documents and Settings\Homolka\Local Settings\Temp\FP_AX_MSI_INSTALLER.exe
C:\Documents and Settings\Homolka\Local Settings\Temp\FP_PL_MSI_INSTALLER.exe
C:\Documents and Settings\Homolka\Local Settings\Temp\jre-6u15-windows-i586-iftw.exe
C:\Documents and Settings\Homolka\Local Settings\Temp\jre-6u17-windows-i586-iftw-rv.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of log ============================

Licence na ESET NOD je jak ma byt, cili zakoupena?

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Ano, licence nod 32 je zakoupená.

Následně zašlu log.

OK, pockam na nej a pak budem pokracovat...

# AdwCleaner v4.205 - Logfile created 28/05/2015 at 13:20:25
# Updated 21/05/2015 by Xplode
# Database : 2015-05-25.3 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Oliva - KARELHOM
# Running from : C:\Documents and Settings\Oliva\Dokumenty\Downloads\adwcleaner_4.205.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : vToolbarUpdater18.5.0

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Avg_Update_0814tb
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\AVG Security Toolbar
Folder Deleted : C:\Program Files\Smart Driver Updater
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Homolka\Data aplikací\download Manager
Folder Deleted : C:\Documents and Settings\Oliva\Local Settings\Data aplikací\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Oliva\Data aplikací\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Oliva\Data aplikací\DealPly
Folder Deleted : C:\Documents and Settings\Oliva\Data aplikací\pdfforge
Folder Deleted : C:\Documents and Settings\Homolka\Data aplikací\Mozilla\Firefox\Profiles\zyjlfj1u.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[!] Folder Deleted : C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Documents and Settings\Oliva\Local Settings\Data aplikací\4e267444e7f500b047203ef5f10ec498.exe
File Deleted : C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\Askcom.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Documents and Settings\Homolka\Data aplikací\Mozilla\Firefox\Profiles\zyjlfj1u.default\user.js
File Deleted : C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\user.js
File Deleted : C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\sh6j85k2.default\user.js

***** [ Scheduled tasks ] *****

Task Deleted : AVG-Secure-Search-Update_JUNE2013_HP_rmv
Task Deleted : AVG-Secure-Search-Update_JUNE2013_TB_rmv

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.SWEETIE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [4e267444e7f500b047203ef5f10ec498]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8E0C922A-C7B4-4AA1-A495-77AC7ED32FA4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\pdfforge
Key Deleted : HKLM\SOFTWARE\Search Settings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0B139A7-E8D5-49E8-A7BF-12421E652208}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0B139A7-E8D5-49E8-A7BF-12421E652208}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v38.0.1 (x86 cs)

[zyjlfj1u.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");
[febeprof.x\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Search The Web (phpnuke)");
[febeprof.x\prefs.js] - Line Deleted : user_pref("extensions.phpnuke.srchPrvdr", "Search The Web (phpnuke)");
[febeprof.x\prefs.js] - Line Deleted : user_pref("extensions.xpiState", "{\"app-profile\":{\"cs@dictionaries.addons.mozilla.org\":{\"d\":\"C:\\\\Documents and Settings\\\\Oliva\\\\Data aplikací\\\\Mozilla\\\\Firefox\\\\Profiles\\\\febeprof[...]
[sh6j85k2.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
[sh6j85k2.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
[sh6j85k2.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
[sh6j85k2.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=");
[sh6j85k2.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Search The Web (phpnuke)");
[sh6j85k2.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Search The Web (phpnuke)");

-\\ Google Chrome v43.0.2357.81

[C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences] - Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

AdwCleaner[R0].txt - [11534 bytes] - [28/05/2015 13:14:30]
AdwCleaner[R1].txt - [11607 bytes] - [28/05/2015 13:19:18]
AdwCleaner[S0].txt - [11857 bytes] - [28/05/2015 13:20:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11917 bytes] ##########

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Oliva on źt 28.05.2015 at 14:15:53,85.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Oliva\Plocha\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-05-28-121310.log 1132 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Program Files\DeadDiskDoctor deleted successfully
C:\Program Files\Scriptocean deleted successfully
C:\Program Files\Common Files\SWF Studio deleted successfully
C:\DOCUME~1\ALLUSE~1\DATAAP~1\LangSoft deleted successfully
C:\DOCUME~1\ALLUSE~1\DATAAP~1\ZoomBrowser deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1078081533-725345543-682003330-1007\Software\Microsoft\Internet Explorer\SearchScopes\{3F9364D5-7DD6-440D-A817-4358C9BA2039} deleted successfully
HKEY_USERS\S-1-5-21-1078081533-725345543-682003330-1007\Software\Microsoft\Internet Explorer\SearchScopes\{4734152C-AAB5-4932-92F0-55ABF972C1C4} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1078081533-725345543-682003330-1007\Software\Microsoft\Internet Explorer\Approved Extensions\{EF7BD87A-8024-11E2-F316-F3E56188709B} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\DeadDiskDoctor not found
C:\Program Files\Scriptocean not found
C:\Program Files\ComPlus Applications deleted
C:\Program Files\WindowsUpdate deleted
C:\Program Files\Clear FTP 2006 deleted
C:\Program Files\phpnuke deleted
C:\Program Files\Sony Ericsson deleted
C:\user.js deleted
C:\found.000 deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\dw2pd.dll deleted
C:\WINDOWS\SET3.tmp deleted
C:\WINDOWS\SET4.tmp deleted
C:\WINDOWS\SET8.tmp deleted
C:\WINDOWS\wininit.ini deleted
C:\WINDOWS\tasks\At1.job deleted
C:\WINDOWS\tasks\At2.job deleted
C:\WINDOWS\tasks\At3.job deleted
C:\WINDOWS\tasks\At4.job deleted
C:\WINDOWS\system32\GroupPolicy\ADM deleted
"C:\WINDOWS\Installer\1c50fc.msi" deleted
"C:\WINDOWS\Installer\dddfb6a.msi" deleted
"C:\WINDOWS\Installer\dddfb71.msi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\Documents and Settings\All Users\Data aplikacˇ\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [20.09.2013 07:13]

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.81

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cngompmodgafkkffefbfbghhciijojjh - C:\Program Files\phpnuke\phpnuke\1.8.16.4\phpnuke.crx[]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\Documents and Settings\All Users\Data aplikacˇ\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14.08.2013 15:24]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://search.phpnuke.org/?lang=en&cid=457c4dfc"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1078081533-725345543-682003330-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B206A1E-933F-4A50-9E60-5167598BDB03} deleted successfully
HKEY_USERS\S-1-5-21-1078081533-725345543-682003330-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7B206A1E-933F-4A50-9E60-5167598BDB03} deleted successfully
HKEY_USERS\S-1-5-21-1078081533-725345543-682003330-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{890CA547-B66C-48BF-9663-DBE0BFDC7D0C} deleted successfully
HKEY_USERS\S-1-5-21-1078081533-725345543-682003330-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{890CA547-B66C-48BF-9663-DBE0BFDC7D0C} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{7B206A1E-933F-4A50-9E60-5167598BDB03} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{890CA547-B66C-48BF-9663-DBE0BFDC7D0C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{890CA547-B66C-48BF-9663-DBE0BFDC7D0C} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{7B206A1E-933F-4A50-9E60-5167598BDB03} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7A931B0A5D8E8E947AFB2124E1562280 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C954F6FD98B888F46BF32A1E63BBB697 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E0C6FC130F152D140B886A1A344C03C3 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cngompmodgafkkffefbfbghhciijojjh deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{88B2E402-DE40-4422-9CCB-D285F8602C93} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DF6F459C-8B89-4F88-B63F-A2E136BB6B79} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{31CF6C0E-51F0-41D2-B088-A6A143C4303C} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\phpnuke deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\204E2B8804ED2244C9BC2D588F06C239 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\7A931B0A5D8E8E947AFB2124E1562280 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\C954F6FD98B888F46BF32A1E63BBB697 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\E0C6FC130F152D140B886A1A344C03C3 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Homolka\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Oliva\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Oliva\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Oliva\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================


==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Oliva\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Oliva\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on źt 28.05.2015 at 14:34:58,56 ======================

Poprosim o novy log z FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-05-2015 01
Ran by Oliva (administrator) on KARELHOM on 28-05-2015 14:48:57
Running from C:\Documents and Settings\Oliva\Plocha
Loaded Profiles: Oliva (Available Profiles: Oliva & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(ABBYY (BIT Software)) C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(SafeNet, Inc.) C:\WINDOWS\system32\dklog.exe
(SafeNet, Inc.) C:\WINDOWS\system32\dkvcm.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Miloslav Novotny N+P) C:\Program Files\PCNetSoftware\RAC Server\RACs.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(SafeNet, Inc.) C:\WINDOWS\system32\dkcktkn.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Canon Inc.) C:\Program Files\Canon\CAL\CALMAIN.exe
(Chicony) C:\WINDOWS\mHotkey.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
() C:\Program Files\SafeNet\BSecClient\AXMonitor.exe
(SafeNet, Inc.) C:\Program Files\SafeNet\BSecClient\dkAutoReg.exe
(SEIKO EPSON CORPORATION) C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
() C:\Program Files\GIGABYTE\GIGABYTE Sim Series7\Mouse.exe
(Michel Krämer) C:\Program Files\Spamihilator\spamihilator.exe
(Software602) C:\Program Files\Software602\Print2PDF\Print2PDF.exe
(RealNetworks, Inc.) C:\Program Files\real\realplayer\Update\realsched.exe
(Hewlett-Packard Company) C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Hewlett-Packard Company) C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
() C:\WINDOWS\twain_32\A3PRO18U16K\SrvMod.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(CANON INC.) C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPM4LAK.EXE
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CHotkey] => C:\WINDOWS\mHotkey.exe [473600 2002-08-02] (Chicony)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16860672 2007-12-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2029640 2009-04-09] (ESET)
HKLM\...\Run: [DkStartup] => C:\Program Files\SafeNet\BSecClient\dkstartup.exe [49152 2007-09-13] (SafeNet, Inc.)
HKLM\...\Run: [AxMonitor] => C:\Program Files\SafeNet\BSecClient\axmonitor.exe [450560 2007-09-13] ()
HKLM\...\Run: [DkAutoReg] => C:\Program Files\SafeNet\BSecClient\DkAutoReg.exe [253952 2007-09-13] (SafeNet, Inc.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [GIGABYTEMOUSE] => C:\Program Files\GIGABYTE\GIGABYTE Sim Series7\Mouse.exe [1278464 2009-11-26] ()
HKLM\...\Run: [Spamihilator] => C:\Program Files\Spamihilator\spamihilator.exe [716800 2007-08-17] (Michel Krämer)
HKLM\...\Run: [Print2PDF Print Monitor] => C:\Program Files\Software602\Print2PDF\Print2PDF.exe [220992 2011-10-04] (Software602)
HKLM\...\Run: [TkBellExe] => C:\program files\real\realplayer\update\realsched.exe [295512 2013-09-20] (RealNetworks, Inc.)
HKLM\...\Run: [StatusAlerts] => C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM\...\Run: [ToolboxFX] => C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe [58936 2010-10-25] (Hewlett-Packard Company)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2009-02-25] (ATI Technologies Inc.)
Winlogon\Notify\DkWLNP: C:\WINDOWS\system32\DkWLNP.dll [2007-09-13] (SafeNet, Inc.)
Winlogon\Notify\RACServerLogon: C:\WINDOWS\system32\RACServerLogon2.dll [2007-09-11] (Miloslav Novotny N+P)
HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony)
HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\MountPoints2: ##192.168.1.100#epis - P:\cont32.exe data\menuepis.ctx
HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\MountPoints2: ##Nasmuklipa#epis - P:\cont32.exe data\menuepis.ctx
HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\MountPoints2: ##Smbmukl#EPIS - P:\cont32.exe data\menuepis.ctx
HKU\S-1-5-21-1078081533-725345543-682003330-1007\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\sstext3d.scr [679936 2008-04-14] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\SrvMod.lnk [2009-06-18]
ShortcutTarget: SrvMod.lnk -> C:\WINDOWS\twain_32\A3PRO18U16K\SrvMod.exe ()
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Stavové okno Canon iR1510-1670.LNK [2010-01-25]
ShortcutTarget: Stavové okno Canon iR1510-1670.LNK -> C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPM4LAK.EXE (CANON INC.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk [2011-01-28]
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
Startup: C:\Documents and Settings\Homolka\Nabídka Start\Programy\Po spuštění\Zástupce - mHotkey.exe.lnk [2009-06-11]
ShortcutTarget: Zástupce - mHotkey.exe.lnk -> C:\WINDOWS\mHotkey.exe (Chicony)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2008-02-10] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1078081533-725345543-682003330-1007\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1078081533-725345543-682003330-1007 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} http://10.162.35.152/RtspVaPgDec.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {971FC730-55F1-461F-83FD-B3BF5E1F039E} http://192.168.1.199/AVC_AX_742.cab
DPF: {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} http://83.208.160.241:5000/HiDvrOcx.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 193.85.1.100 193.85.2.100

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x
FF Homepage: seznam.cz
FF Keyword.URL: hxxp://search.phpnuke.org/?lang=en&cid=457c4dfc&q=
FF NetworkProxy: "http", "localhost"
FF NetworkProxy: "http_port", 4001
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-27] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2009-01-16] (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-09-20] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-09-20] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @research.microsoft.com/HDView -> C:\Program Files\Microsoft Research\HD View\nphdview.dll [2009-07-13] (Microsoft Research)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin: synology.com/SurveillancePlugin -> C:\Program Files\Synology\SurveillancePlugin\1.0.0.565\npSurveillancePlugin.dll [2015-01-29] (Synology)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll [2009-01-16] (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2013-09-20] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2013-09-20] (RealPlayer)
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\sh6j85k2.default\searchplugins\phpnuke.xml [2013-03-07]
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\hyperwords.xml [2009-07-23]
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\liquid-words.xml [2012-04-03]
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\mapycz.xml [2012-03-28]
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\phpnuke.xml [2013-03-07]
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\zbocz.xml [2012-03-28]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\sh6j85k2.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009-11-30]
FF Extension: FEBE - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\sh6j85k2.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2009-12-02]
FF Extension: Český slovník pro kontrolu pravopisu - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\cs@dictionaries.addons.mozilla.org [2014-11-10]
FF Extension: ColorfulTabs - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-05-27]
FF Extension: Linkification - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a} [2010-06-18]
FF Extension: FEBE - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2015-05-21]
FF Extension: Liquid Words - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{9A752782-D706-479b-98F8-3F66BF921692} [2012-04-30]
FF Extension: SearchPreview - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2015-03-16]
FF Extension: FireGestures - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\firegestures@xuldev.org.xpi [2011-10-10]
FF Extension: Google Translator for Firefox - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\translator@zoli.bod.xpi [2013-01-17]
FF Extension: Download Statusbar - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-11-03]
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2015-05-18]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-05-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-23]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-20]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-05-04]

Chrome:
=======
CHR Profile: C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (PhpNuke Chrome Toolbar) - C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cngompmodgafkkffefbfbghhciijojjh [2013-03-07]
CHR Extension: (RealDownloader) - C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-08-06]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-06]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY (BIT Software))
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-02-25] () [File not signed]
R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96370 2007-01-31] (Canon Inc.) [File not signed]
R2 DkLogger; C:\WINDOWS\system32\dklog.exe [106496 2007-09-13] (SafeNet, Inc.) [File not signed]
R2 DkTknSrv; C:\WINDOWS\system32\dkcktkn.exe [737280 2007-09-13] (SafeNet, Inc.) [File not signed]
R2 DkVcm; C:\WINDOWS\system32\dkvcm.exe [122880 2007-09-13] (SafeNet, Inc.) [File not signed]
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [20680 2009-04-09] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [731840 2009-04-09] (ESET)
S3 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [45568 2011-04-13] (Hewlett-Packard) [File not signed]
R2 PCNetSoftware RAC Server; C:\Program Files\PCNetSoftware\RAC Server\RACs.exe [3186688 2009-07-08] (Miloslav Novotny N+P) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [55808 2011-04-13] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [621056 2009-03-04] (Nokia.) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S2 XAMPP; C:\xampplite\service.exe [60928 2006-10-23] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [16877 2002-07-17] (Adaptec)
R2 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [113960 2009-04-09] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [107256 2009-04-09] (ESET)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [94360 2009-04-09] (ESET)
R1 HWiNFO32; E:\Downloads\hwinfo32\HWiNFO32.SYS [19064 2009-07-16] (REALiX(tm))
R3 iKeyEnum; C:\WINDOWS\System32\DRIVERS\ikeyenum.sys [11616 2011-08-05] (SafeNet, Inc.)
R3 iKeyIFD; C:\WINDOWS\System32\DRIVERS\ikeyifd.sys [18080 2011-08-05] (SafeNet, Inc.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-14] ()
R3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2009-03-23] (VSO Software) [File not signed]
R1 PQNTDrv; C:\WINDOWS\system32\Drivers\PQNTDrv.sys [4228 2004-05-05] (PowerQuest Corporation) [File not signed]
R2 RACDriver; C:\Program Files\PCNetSoftware\RAC Server\RACDriver.sys [8208 2007-03-20] (Miloslav Novotný N+P) [File not signed]
S3 RnbToken; C:\WINDOWS\System32\DRIVERS\rnbtoken.sys [21472 2011-08-05] (SafeNet, Inc.)
S3 s0016bus; C:\WINDOWS\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\WINDOWS\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\WINDOWS\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\WINDOWS\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\WINDOWS\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\WINDOWS\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\WINDOWS\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
S3 s1018obex; C:\WINDOWS\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [717296 2009-04-23] () [File not signed]
R1 VD_FileDisk; C:\WINDOWS\system32\Drivers\VD_FileDisk.sys [15872 2006-01-13] (Flint Incorporation) [File not signed]
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [265856 2007-08-15] (Marvell)
U3 atial750; C:\WINDOWS\system32\Drivers\atial750.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S2 adfs; No ImagePath
S4 IntelIde; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-28 14:35 - 2015-05-28 14:35 - 00010275 _____ () C:\Documents and Settings\Oliva\Plocha\zoek-results.txt
2015-05-28 14:32 - 2015-05-28 14:49 - 00000000 ____D () C:\Documents and Settings\Oliva\Local Settings\Temp
2015-05-28 14:32 - 2015-05-28 14:15 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-05-28 14:10 - 2015-05-28 14:34 - 00010275 _____ () C:\zoek-results.log
2015-05-28 14:10 - 2015-05-28 14:10 - 13402166 _____ () C:\WINDOWS\repository.backup
2015-05-28 14:06 - 2015-05-28 14:29 - 00000000 ____D () C:\zoek_backup
2015-05-28 13:42 - 2015-05-28 13:42 - 01308672 _____ () C:\Documents and Settings\Oliva\Plocha\zoek.exe
2015-05-28 13:25 - 2015-05-28 13:25 - 00011998 _____ () C:\Documents and Settings\Oliva\Plocha\AdwCleaner[S0].txt
2015-05-28 13:19 - 2015-05-28 13:19 - 00000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\rt4564874.txt
2015-05-28 13:18 - 2015-05-28 13:19 - 02223104 _____ () C:\Documents and Settings\Oliva\Plocha\adwcleaner_4.205.exe
2015-05-28 13:17 - 2015-05-28 13:17 - 00241152 ____H (Microsoft Corporation) C:\Documents and Settings\Oliva\Data aplikací\mP.exe
2015-05-28 13:14 - 2015-05-28 13:22 - 00000000 ____D () C:\AdwCleaner
2015-05-28 10:11 - 2015-05-28 10:12 - 00091229 _____ () C:\Documents and Settings\Oliva\Plocha\Addition.txt
2015-05-28 10:10 - 2015-05-28 14:49 - 00026822 _____ () C:\Documents and Settings\Oliva\Plocha\FRST.txt
2015-05-28 10:09 - 2015-05-28 14:49 - 00000000 ____D () C:\FRST
2015-05-28 10:08 - 2015-05-28 10:08 - 01147392 _____ (Farbar) C:\Documents and Settings\Oliva\Plocha\FRST.exe
2015-05-28 10:03 - 2015-05-28 10:07 - 00029696 _____ () C:\Documents and Settings\Oliva\Local Settings\Data aplikací\MSGBOX.EXE
2015-05-28 10:01 - 2015-05-28 10:04 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Oliva\Plocha\FRSTLauncher.exe
2015-05-27 19:56 - 2015-05-28 01:13 - 00188416 _____ () C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Adobe_User_Feed_Synchronization-{7764EE77-0M61-4F38-V100-96E2C039847L}.exe
2015-05-27 16:26 - 2015-05-27 16:26 - 00000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\6780022245.txt
2015-05-27 13:50 - 2012-04-13 09:16 - 00442779 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20150527-135007.backup
2015-05-26 17:36 - 2015-05-26 17:36 - 00000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\687809445.txt
2015-05-26 15:07 - 2015-05-26 15:07 - 00000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\87683234.txt
2015-05-18 21:34 - 2015-05-18 21:34 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-28 14:40 - 2009-03-20 11:21 - 01666849 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-28 14:35 - 2014-07-23 07:27 - 00000300 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1078081533-725345543-682003330-1007.job
2015-05-28 14:35 - 2013-07-29 09:57 - 00000308 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job
2015-05-28 14:35 - 2009-11-30 09:18 - 00000000 ____D () C:\Documents and Settings\Oliva\Plocha
2015-05-28 14:35 - 2009-03-20 11:36 - 00000520 _____ () C:\RTHDCPL_Dump.txt
2015-05-28 14:34 - 2014-03-24 10:35 - 00000222 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-05-28 14:34 - 2011-01-20 08:11 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-28 14:34 - 2009-03-20 12:13 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-05-28 14:34 - 2009-03-20 12:13 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-05-28 14:34 - 2009-03-20 11:25 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-28 14:33 - 2009-03-20 11:25 - 00032142 _____ () C:\WINDOWS\SchedLgU.Txt
2015-05-28 14:32 - 2009-11-30 09:18 - 00000272 ___SH () C:\Documents and Settings\Oliva\ntuser.ini
2015-05-28 14:31 - 2011-01-20 08:11 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-28 14:29 - 2011-01-28 08:22 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2015-05-28 14:29 - 2009-03-20 12:10 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-05-28 14:19 - 2012-04-05 06:59 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-28 14:14 - 2009-12-18 11:42 - 00000000 ____D () C:\Documents and Settings\Oliva\Data aplikací\Spamihilator
2015-05-28 13:33 - 2009-10-20 14:18 - 00001034 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-725345543-682003330-1004UA.job
2015-05-28 13:22 - 2009-11-30 09:18 - 00000000 __RHD () C:\Documents and Settings\Oliva\Data aplikací
2015-05-28 13:22 - 2009-11-30 09:18 - 00000000 ___HD () C:\Documents and Settings\Oliva\Local Settings\Data aplikací
2015-05-28 13:22 - 2009-03-20 11:25 - 00000000 __RHD () C:\Documents and Settings\Homolka\Data aplikací
2015-05-28 07:33 - 2009-10-20 14:18 - 00000982 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-725345543-682003330-1004Core.job
2015-05-27 16:40 - 2010-09-02 07:37 - 00000000 ____D () C:\Documents and Settings\Oliva\Dokumenty\záloha registrů
2015-05-27 16:36 - 2010-03-12 12:10 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2015-05-27 16:36 - 2009-11-30 09:18 - 00000000 ____D () C:\Documents and Settings\Oliva
2015-05-27 15:26 - 2014-07-04 12:52 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-05-27 14:46 - 2009-12-10 10:26 - 00003529 _____ () C:\Documents and Settings\Oliva\intlname.ols
2015-05-27 14:31 - 2014-09-01 13:39 - 00000000 ____D () C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Adobe
2015-05-27 14:30 - 2012-04-05 06:59 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-05-27 14:30 - 2011-05-16 07:41 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-05-27 14:17 - 2012-04-26 07:03 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-27 14:17 - 2008-04-14 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-05-27 14:16 - 2014-01-30 16:16 - 00670336 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2015-05-27 14:16 - 2009-03-20 11:25 - 00000000 ___HD () C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2015-05-27 14:10 - 2012-10-05 10:20 - 00000000 ____D () C:\Program Files\PDFCreator
2015-05-27 13:52 - 2011-01-20 08:12 - 00000682 _____ () C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2015-05-27 13:52 - 2011-01-20 08:12 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2015-05-27 13:52 - 2010-09-02 07:31 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-27 13:52 - 2010-09-02 07:31 - 00000000 ____D () C:\Documents and Settings\Oliva\Nabídka Start\Programy\CCleaner
2015-05-27 11:26 - 2009-03-20 13:59 - 00001599 _____ () C:\Documents and Settings\Administrator\Nabídka Start\Programy\Vzdálená pomoc.lnk
2015-05-26 07:32 - 2009-12-02 11:02 - 00000000 ___RD () C:\Documents and Settings\Oliva\Dokumenty\Obrázky
2015-05-25 07:29 - 2013-04-17 07:45 - 00000286 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job
2015-05-21 10:02 - 2010-02-22 11:09 - 00000000 ____D () C:\Documents and Settings\Oliva\Data aplikací\ZoomBrowser EX
2015-05-21 10:01 - 2010-02-22 11:09 - 00000000 ____D () C:\Documents and Settings\Oliva\Data aplikací\CameraWindowDC
2015-05-20 09:57 - 2013-07-29 09:57 - 00000326 _____ () C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job
2015-05-14 11:28 - 2013-01-24 08:00 - 00000000 ____D () C:\WINDOWS\system32\cache
2015-05-13 07:35 - 2009-04-24 08:55 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-05-13 07:34 - 2013-08-15 08:14 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-13 07:26 - 2009-03-22 16:25 - 137310008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-04 07:52 - 2015-03-07 11:11 - 00001739 _____ () C:\Documents and Settings\All Users\Plocha\Sony PC Companion 2.1.lnk
2015-05-04 07:52 - 2012-11-06 10:27 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Sony
2015-05-04 07:52 - 2009-03-20 12:10 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-05-04 07:52 - 2009-03-20 11:35 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information

==================== Files in the root of some directories =======

2013-06-27 12:03 - 2014-06-23 07:30 - 0003730 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2015-05-27 16:26 - 2015-05-27 16:26 - 0000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\6780022245.txt
2015-05-26 17:36 - 2015-05-26 17:36 - 0000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\687809445.txt
2015-05-26 15:07 - 2015-05-26 15:07 - 0000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\87683234.txt
2011-02-04 13:53 - 2011-02-04 13:53 - 0000625 _____ () C:\Documents and Settings\Oliva\Data aplikací\AutoGK.ini
2015-05-28 13:17 - 2015-05-28 13:17 - 0241152 ____H (Microsoft Corporation) C:\Documents and Settings\Oliva\Data aplikací\mP.exe
2015-05-28 13:19 - 2015-05-28 13:19 - 0000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\rt4564874.txt
2015-05-27 19:56 - 2015-05-28 01:13 - 0188416 _____ () C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Adobe_User_Feed_Synchronization-{7764EE77-0M61-4F38-V100-96E2C039847L}.exe
2010-01-19 09:42 - 2013-05-22 09:20 - 0008704 _____ () C:\Documents and Settings\Oliva\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-28 10:03 - 2015-05-28 10:07 - 0029696 _____ () C:\Documents and Settings\Oliva\Local Settings\Data aplikací\MSGBOX.EXE
2011-01-21 15:29 - 2011-01-21 15:29 - 0000600 _____ () C:\Documents and Settings\Oliva\Local Settings\Data aplikací\PUTTY.RND

Some files in TEMP:
====================
C:\Documents and Settings\Homolka\Local Settings\Temp\FP_AX_MSI_INSTALLER.exe
C:\Documents and Settings\Homolka\Local Settings\Temp\FP_PL_MSI_INSTALLER.exe
C:\Documents and Settings\Homolka\Local Settings\Temp\jre-6u15-windows-i586-iftw.exe
C:\Documents and Settings\Homolka\Local Settings\Temp\jre-6u17-windows-i586-iftw-rv.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of log ============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM\...\Run: [TkBellExe] => C:\program files\real\realplayer\update\realsched.exe [295512 2013-09-20] (RealNetworks, Inc.)
  HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2014-01-17] (Apple Inc.)
  HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
  HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
  HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
  HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony)
  HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\MountPoints2: ##192.168.1.100#epis - P:\cont32.exe data\menuepis.ctx
  HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\MountPoints2: ##Nasmuklipa#epis - P:\cont32.exe data\menuepis.ctx
  HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\MountPoints2: ##Smbmukl#EPIS - P:\cont32.exe data\menuepis.ctx
  HKU\S-1-5-21-1078081533-725345543-682003330-1007\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\sstext3d.scr [679936 2008-04-14] (Microsoft Corporation)
  Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\SrvMod.lnk [2009-06-18]
  
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  
  Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
  
  FF Keyword.URL: hxxp://search.phpnuke.org/?lang=en&cid=457c4dfc&q=
  FF NetworkProxy: "http", "localhost"
  FF NetworkProxy: "http_port", 4001
  FF NetworkProxy: "type", 0
  FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\sh6j85k2.default\searchplugins\phpnuke.xml [2013-03-07]
  FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\hyperwords.xml [2009-07-23]
  FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\liquid-words.xml [2012-04-03]
  FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\phpnuke.xml [2013-03-07]
  FF Extension: SearchPreview - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2015-03-16]
  FF Extension: Download Statusbar - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-11-03]
  FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2015-05-18]
  
  CHR Extension: (PhpNuke Chrome Toolbar) - C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cngompmodgafkkffefbfbghhciijojjh [2013-03-07]
  
  U3 atial750; C:\WINDOWS\system32\Drivers\atial750.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
  S2 adfs; No ImagePath
  S4 IntelIde; No ImagePath
  
  2015-05-28 14:35 - 2015-05-28 14:35 - 00010275 _____ () C:\Documents and Settings\Oliva\Plocha\zoek-results.txt
  2015-05-28 14:32 - 2015-05-28 14:15 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
  2015-05-28 14:10 - 2015-05-28 14:34 - 00010275 _____ () C:\zoek-results.log
  2015-05-28 14:06 - 2015-05-28 14:29 - 00000000 ____D () C:\zoek_backup
  2015-05-28 13:42 - 2015-05-28 13:42 - 01308672 _____ () C:\Documents and Settings\Oliva\Plocha\zoek.exe
  2015-05-28 13:25 - 2015-05-28 13:25 - 00011998 _____ () C:\Documents and Settings\Oliva\Plocha\AdwCleaner[S0].txt
  2015-05-28 13:19 - 2015-05-28 13:19 - 00000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\rt4564874.txt
  2015-05-28 13:18 - 2015-05-28 13:19 - 02223104 _____ () C:\Documents and Settings\Oliva\Plocha\adwcleaner_4.205.exe
  2015-05-28 13:17 - 2015-05-28 13:17 - 00241152 ____H (Microsoft Corporation) C:\Documents and Settings\Oliva\Data aplikací\mP.exe
  2015-05-28 13:14 - 2015-05-28 13:22 - 00000000 ____D () C:\AdwCleaner
  2015-05-28 10:11 - 2015-05-28 10:12 - 00091229 _____ () C:\Documents and Settings\Oliva\Plocha\Addition.txt
  2015-05-28 10:10 - 2015-05-28 14:49 - 00026822 _____ () C:\Documents and Settings\Oliva\Plocha\FRST.txt
  2015-05-28 10:03 - 2015-05-28 10:07 - 00029696 _____ () C:\Documents and Settings\Oliva\Local Settings\Data aplikací\MSGBOX.EXE
  2015-05-28 10:01 - 2015-05-28 10:04 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Oliva\Plocha\FRSTLauncher.exe
  2015-05-27 16:26 - 2015-05-27 16:26 - 00000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\6780022245.txt
  2015-05-27 13:50 - 2012-04-13 09:16 - 00442779 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20150527-135007.backup
  2015-05-26 17:36 - 2015-05-26 17:36 - 00000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\687809445.txt
  2015-05-26 15:07 - 2015-05-26 15:07 - 00000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\87683234.txt
  2015-05-27 16:36 - 2010-03-12 12:10 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
  
  2015-05-28 14:35 - 2014-07-23 07:27 - 00000300 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1078081533-725345543-682003330-1007.job
  2015-05-28 14:35 - 2013-07-29 09:57 - 00000308 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job
  2015-05-28 14:35 - 2014-07-23 07:27 - 00000300 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1078081533-725345543-682003330-1007.job
  2015-05-28 14:35 - 2013-07-29 09:57 - 00000308 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job
  2015-05-28 13:33 - 2009-10-20 14:18 - 00001034 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-725345543-682003330-1004UA.job
  2015-05-28 07:33 - 2009-10-20 14:18 - 00000982 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-725345543-682003330-1004Core.job
  2015-05-27 15:26 - 2014-07-04 12:52 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
  2015-05-25 07:29 - 2013-04-17 07:45 - 00000286 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job
  2015-05-20 09:57 - 2013-07-29 09:57 - 00000326 _____ () C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Ještě bych Vás chtěl požádat o upřesnění postupu, potřeboval bych vysvětlit jen:
- Presunte vytvoreny fixlist vedle FRST
jinak celý postup (kroky) jsem pochopil.

FRST.exe mate na plose, takze i fixlist.txt ulozte na plochu

Fix result of Farbar Recovery Scan Tool (x86) Version: 27-05-2015 01
Ran by Oliva at 2015-05-29 06:59:53 Run:1
Running from C:\Documents and Settings\Oliva\Plocha
Loaded Profiles: Oliva (Available Profiles: Oliva & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [TkBellExe] => C:\program files\real\realplayer\update\realsched.exe [295512 2013-09-20] (RealNetworks, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony)
HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\MountPoints2: ##192.168.1.100#epis - P:\cont32.exe data\menuepis.ctx
HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\MountPoints2: ##Nasmuklipa#epis - P:\cont32.exe data\menuepis.ctx
HKU\S-1-5-21-1078081533-725345543-682003330-1007\...\MountPoints2: ##Smbmukl#EPIS - P:\cont32.exe data\menuepis.ctx
HKU\S-1-5-21-1078081533-725345543-682003330-1007\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\sstext3d.scr [679936 2008-04-14] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\SrvMod.lnk [2009-06-18]

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FF Keyword.URL: hxxp://search.phpnuke.org/?lang=en&cid=457c4dfc&q=
FF NetworkProxy: "http", "localhost"
FF NetworkProxy: "http_port", 4001
FF NetworkProxy: "type", 0
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\sh6j85k2.default\searchplugins\phpnuke.xml [2013-03-07]
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\hyperwords.xml [2009-07-23]
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\liquid-words.xml [2012-04-03]
FF SearchPlugin: C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\phpnuke.xml [2013-03-07]
FF Extension: SearchPreview - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2015-03-16]
FF Extension: Download Statusbar - C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-11-03]
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2015-05-18]

CHR Extension: (PhpNuke Chrome Toolbar) - C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cngompmodgafkkffefbfbghhciijojjh [2013-03-07]

U3 atial750; C:\WINDOWS\system32\Drivers\atial750.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S2 adfs; No ImagePath
S4 IntelIde; No ImagePath

2015-05-28 14:35 - 2015-05-28 14:35 - 00010275 _____ () C:\Documents and Settings\Oliva\Plocha\zoek-results.txt
2015-05-28 14:32 - 2015-05-28 14:15 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-05-28 14:10 - 2015-05-28 14:34 - 00010275 _____ () C:\zoek-results.log
2015-05-28 14:06 - 2015-05-28 14:29 - 00000000 ____D () C:\zoek_backup
2015-05-28 13:42 - 2015-05-28 13:42 - 01308672 _____ () C:\Documents and Settings\Oliva\Plocha\zoek.exe
2015-05-28 13:25 - 2015-05-28 13:25 - 00011998 _____ () C:\Documents and Settings\Oliva\Plocha\AdwCleaner[S0].txt
2015-05-28 13:19 - 2015-05-28 13:19 - 00000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\rt4564874.txt
2015-05-28 13:18 - 2015-05-28 13:19 - 02223104 _____ () C:\Documents and Settings\Oliva\Plocha\adwcleaner_4.205.exe
2015-05-28 13:17 - 2015-05-28 13:17 - 00241152 ____H (Microsoft Corporation) C:\Documents and Settings\Oliva\Data aplikací\mP.exe
2015-05-28 13:14 - 2015-05-28 13:22 - 00000000 ____D () C:\AdwCleaner
2015-05-28 10:11 - 2015-05-28 10:12 - 00091229 _____ () C:\Documents and Settings\Oliva\Plocha\Addition.txt
2015-05-28 10:10 - 2015-05-28 14:49 - 00026822 _____ () C:\Documents and Settings\Oliva\Plocha\FRST.txt
2015-05-28 10:03 - 2015-05-28 10:07 - 00029696 _____ () C:\Documents and Settings\Oliva\Local Settings\Data aplikací\MSGBOX.EXE
2015-05-28 10:01 - 2015-05-28 10:04 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Oliva\Plocha\FRSTLauncher.exe
2015-05-27 16:26 - 2015-05-27 16:26 - 00000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\6780022245.txt
2015-05-27 13:50 - 2012-04-13 09:16 - 00442779 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20150527-135007.backup
2015-05-26 17:36 - 2015-05-26 17:36 - 00000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\687809445.txt
2015-05-26 15:07 - 2015-05-26 15:07 - 00000989 _____ () C:\Documents and Settings\Oliva\Data aplikací\87683234.txt
2015-05-27 16:36 - 2010-03-12 12:10 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy

2015-05-28 14:35 - 2014-07-23 07:27 - 00000300 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1078081533-725345543-682003330-1007.job
2015-05-28 14:35 - 2013-07-29 09:57 - 00000308 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job
2015-05-28 14:35 - 2014-07-23 07:27 - 00000300 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1078081533-725345543-682003330-1007.job
2015-05-28 14:35 - 2013-07-29 09:57 - 00000308 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job
2015-05-28 13:33 - 2009-10-20 14:18 - 00001034 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-725345543-682003330-1004UA.job
2015-05-28 07:33 - 2009-10-20 14:18 - 00000982 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-725345543-682003330-1004Core.job
2015-05-27 15:26 - 2014-07-04 12:52 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-05-25 07:29 - 2013-04-17 07:45 - 00000286 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job
2015-05-20 09:57 - 2013-07-29 09:57 - 00000326 _____ () C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe => value Removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value Removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value Removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value Removed successfully.
HKU\S-1-5-21-1078081533-725345543-682003330-1007\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => value Removed successfully.
HKU\S-1-5-21-1078081533-725345543-682003330-1007\Software\Microsoft\Windows\CurrentVersion\Run\\Sony PC Companion => value Removed successfully.
"HKU\S-1-5-21-1078081533-725345543-682003330-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##192.168.1.100#epis" => key Removed successfully.
"HKU\S-1-5-21-1078081533-725345543-682003330-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##Nasmuklipa#epis" => key Removed successfully.
"HKU\S-1-5-21-1078081533-725345543-682003330-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##Smbmukl#EPIS" => key Removed successfully.
HKU\S-1-5-21-1078081533-725345543-682003330-1007\Control Panel\Desktop\\SCRNSAVE.EXE => value restored successfully
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\SrvMod.lnk => Moved successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key Removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully.
"HKCR\PROTOCOLS\Handler\skype4com" => key Removed successfully.
"HKCR\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}" => key Removed successfully.
Firefox Keyword.URL Removed successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\sh6j85k2.default\searchplugins\phpnuke.xml => Moved successfully.
C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\hyperwords.xml => Moved successfully.
C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\liquid-words.xml => Moved successfully.
C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\searchplugins\phpnuke.xml => Moved successfully.
C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} => Moved successfully.
C:\Documents and Settings\Oliva\Data aplikací\Mozilla\Firefox\Profiles\febeprof.x\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi => Moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} => Moved successfully.
C:\Documents and Settings\Oliva\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cngompmodgafkkffefbfbghhciijojjh => Moved successfully.
atial750 => Service Removed successfully.
adfs => Service Removed successfully.
IntelIde => Service Removed successfully.
C:\Documents and Settings\Oliva\Plocha\zoek-results.txt => Moved successfully.
C:\WINDOWS\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Documents and Settings\Oliva\Plocha\zoek.exe => Moved successfully.
C:\Documents and Settings\Oliva\Plocha\AdwCleaner[S0].txt => Moved successfully.
C:\Documents and Settings\Oliva\Data aplikací\rt4564874.txt => Moved successfully.
C:\Documents and Settings\Oliva\Plocha\adwcleaner_4.205.exe => Moved successfully.
C:\Documents and Settings\Oliva\Data aplikací\mP.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Documents and Settings\Oliva\Plocha\Addition.txt => Moved successfully.
C:\Documents and Settings\Oliva\Plocha\FRST.txt => Moved successfully.
C:\Documents and Settings\Oliva\Local Settings\Data aplikací\MSGBOX.EXE => Moved successfully.
C:\Documents and Settings\Oliva\Plocha\FRSTLauncher.exe => Moved successfully.
C:\Documents and Settings\Oliva\Data aplikací\6780022245.txt => Moved successfully.
C:\WINDOWS\system32\Drivers\etc\hosts.20150527-135007.backup => Moved successfully.
C:\Documents and Settings\Oliva\Data aplikací\687809445.txt => Moved successfully.
C:\Documents and Settings\Oliva\Data aplikací\87683234.txt => Moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy => Moved successfully.
C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1078081533-725345543-682003330-1007.job => Moved successfully.
C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job => Moved successfully.
"C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1078081533-725345543-682003330-1007.job" => File/Folder not found.
"C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job" => File/Folder not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-725345543-682003330-1004UA.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-725345543-682003330-1004Core.job => Moved successfully.
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => Moved successfully.
C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job => Moved successfully.
C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1078081533-725345543-682003330-1007.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts restored successfully.
EmptyTemp: => Removed 899.9 MB temporary data.


The system needed a reboot.

==== End of Fixlog 07:01:58 ====