awardhotspot

Zpráva

HoLoW · #1 Příspěvek od **HoLoW** » 18 úno 2014 19:36

Zdravíčko . . poslední přibližně dva dny mě v prohlížeči trápi awardhotspot reklamy, které se objevují jak ve Firefoxu tak v Exploreru, snažil jsem se najít nějaký návod na odstranění, ale nic co jsem našel nepomohlo.
přikládám log z FRST pro kontrolu
Dekuji

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-02-2014
Ran by Honza (administrator) on HONZA-PC on 18-02-2014 19:29:37
Running from C:\Users\Honza\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
() C:\Users\Honza\AppData\Local\PirritSuggestor\PirritService.exe
() C:\Program Files (x86)\Pirrit\AutoUpdater.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ICQ, LLC.) C:\Program Files (x86)\ICQ7M\ICQ.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Users\Honza\AppData\Local\PirritSuggestor\PirritDesktop.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [4035152 2011-09-22] (ESET)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7M\ICQ.exe [127040 2012-05-16] (ICQ, LLC.)
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1815976 2014-01-27] (Valve Corporation)
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\MountPoints2: {425624a9-a025-11e1-a6bb-5404a6b4f80b} - E:\setup.exe
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\MountPoints2: {92b9828d-6ed4-11e3-afb1-5404a6b4f80b} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\MountPoints2: {a8f2bea9-7524-11e3-a10a-5404a6b4f80b} - E:\HTC_Sync_Manager_PC.exe
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=http://127.0.0.1:9880
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\2v354g31.default-1391862899672
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-05-15]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-05-15]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (No Name) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc [2013-12-28]
CHR Extension: (Google Drive) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-09]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-09]
CHR Extension: (Google Search) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-09]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-09]

==================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [974944 2011-09-22] (ESET)
U2 PirritDesktop; C:\Users\Honza\AppData\Local\PirritSuggestor\PirritService.exe [52568 2014-02-17] ()
R2 PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [59904 2014-02-17] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-02-05] ()

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-18] (DT Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202576 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146432 2011-08-04] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [187632 2011-08-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2011-08-04] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2011-08-04] (ESET)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-18 19:29 - 2014-02-18 19:30 - 00009403 _____ () C:\Users\Honza\Desktop\FRST.txt
2014-02-18 19:29 - 2014-02-18 19:29 - 00000000 ____D () C:\FRST
2014-02-18 19:28 - 2014-02-18 19:28 - 02152448 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2014-02-18 19:07 - 2014-02-18 19:07 - 00001032 _____ () C:\Windows\PFRO.log
2014-02-18 19:07 - 2014-02-18 19:07 - 00000056 _____ () C:\Windows\setupact.log
2014-02-18 19:07 - 2014-02-18 19:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-18 18:12 - 2014-02-18 18:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-18 16:36 - 2014-02-18 16:36 - 00000000 ____D () C:\Users\Honza\AppData\Local\Origin
2014-02-14 16:37 - 2014-02-18 18:29 - 00000000 ____D () C:\Users\Honza\AppData\Local\PirritSuggestor
2014-02-03 15:20 - 2014-02-03 15:20 - 00001249 _____ () C:\Users\Public\Desktop\Assassins Creed IV Black Flag.lnk
2014-02-03 15:10 - 2014-02-03 15:24 - 00000000 ____D () C:\Program Files (x86)\Assassins Creed IV Black Flag

==================== One Month Modified Files and Folders =======

2015-02-18 17:51 - 2012-05-16 16:59 - 00000000 ____D () C:\Users\Honza
2015-02-18 17:49 - 2013-12-08 12:20 - 00000000 ____D () C:\Users\Honza\Documents\Assassin's Creed IV Black Flag
2015-02-18 17:49 - 2013-09-26 18:51 - 00000000 ____D () C:\Users\Honza\Documents\FIFA 14
2015-02-18 17:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-02-18 17:48 - 2013-12-28 15:54 - 00000000 ____D () C:\Program Files (x86)\Pirrit
2015-02-18 17:48 - 2013-11-18 15:54 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2015-02-18 17:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-02-18 17:46 - 2012-05-16 17:21 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Winamp
2015-02-18 17:45 - 2012-05-16 19:26 - 00000000 ____D () C:\ProgramData\Battle.net
2014-02-18 19:30 - 2014-02-18 19:29 - 00009403 _____ () C:\Users\Honza\Desktop\FRST.txt
2014-02-18 19:29 - 2014-02-18 19:29 - 00000000 ____D () C:\FRST
2014-02-18 19:28 - 2014-02-18 19:28 - 02152448 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2014-02-18 19:16 - 2009-07-14 05:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-18 19:16 - 2009-07-14 05:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-18 19:14 - 2012-05-15 13:09 - 01300117 _____ () C:\Windows\WindowsUpdate.log
2014-02-18 19:09 - 2013-07-22 13:57 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-18 19:07 - 2014-02-18 19:07 - 00001032 _____ () C:\Windows\PFRO.log
2014-02-18 19:07 - 2014-02-18 19:07 - 00000056 _____ () C:\Windows\setupact.log
2014-02-18 19:07 - 2014-02-18 19:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-18 19:07 - 2012-05-16 17:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-18 19:07 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-18 18:50 - 2012-05-16 17:41 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-18 18:46 - 2012-06-08 16:27 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\uTorrent
2014-02-18 18:46 - 2012-05-18 14:35 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Media Player Classic
2014-02-18 18:29 - 2014-02-14 16:37 - 00000000 ____D () C:\Users\Honza\AppData\Local\PirritSuggestor
2014-02-18 18:28 - 2013-12-28 15:23 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-02-18 18:12 - 2014-02-18 18:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-18 17:59 - 2013-09-26 14:43 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-02-18 17:59 - 2012-11-07 18:47 - 00000000 ____D () C:\ProgramData\Origin
2014-02-18 16:36 - 2014-02-18 16:36 - 00000000 ____D () C:\Users\Honza\AppData\Local\Origin
2014-02-16 19:08 - 2013-09-26 14:43 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-02-09 18:23 - 2012-07-05 19:10 - 00000000 ____D () C:\Users\Honza\Desktop\Movies
2014-02-08 13:35 - 2012-05-20 22:37 - 00000000 ___RD () C:\Users\Honza\Desktop\Foto
2014-02-05 16:50 - 2013-12-11 17:50 - 05556104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-05 16:50 - 2012-05-16 17:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 16:50 - 2012-05-16 17:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 16:50 - 2012-05-16 17:41 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 16:35 - 2013-06-15 14:06 - 00038698 _____ () C:\Users\Honza\Desktop\Narozky.odt
2014-02-03 21:02 - 2011-04-12 09:34 - 00631276 _____ () C:\Windows\system32\perfh005.dat
2014-02-03 21:02 - 2011-04-12 09:34 - 00121930 _____ () C:\Windows\system32\perfc005.dat
2014-02-03 21:02 - 2009-07-14 06:13 - 01470298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-03 15:24 - 2014-02-03 15:10 - 00000000 ____D () C:\Program Files (x86)\Assassins Creed IV Black Flag
2014-02-03 15:21 - 2013-12-25 12:04 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-03 15:21 - 2012-12-27 18:29 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-02-03 15:20 - 2014-02-03 15:20 - 00001249 _____ () C:\Users\Public\Desktop\Assassins Creed IV Black Flag.lnk
2014-02-03 15:20 - 2012-12-27 18:29 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-02-03 15:05 - 2012-05-18 15:10 - 00000000 ____D () C:\Games
2014-02-03 15:00 - 2013-12-08 11:32 - 00000000 ____D () C:\Users\Honza\Desktop\Assassin's Creed IV Black Flag
2014-01-23 19:56 - 2012-05-18 14:36 - 00000000 ___RD () C:\Users\Honza\Desktop\Anime

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-08 15:07

==================== End Of Log ============================

#2 Příspěvek od **vyosek** » 18 úno 2014 20:13

Zdravim

Co vse jste pouzival za navody\aplikace\utility??

Dejte prosim i druhy log z FRST s nazvem Addition.txt

Predpokladam, ze ten ESET jak ma byt = zakoupena licence

HoLoW · #3 Příspěvek od **HoLoW** » 18 úno 2014 20:32

Zkoušel jsem ccleaner, pak jsem našel Yet Another Cleaner, který měl podle toho jsem našel pomoct ale nestalo se tak . . s tím esetem je to tak, jak předpokládáte . .

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-02-2014
Ran by Honza at 2014-02-18 19:30:12
Running from C:\Users\Honza\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: ESET Smart Security 5.0 (Enabled - Out of date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 5.0 (Enabled - Out of date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

==================== Installed Programs ======================

µTorrent (x32 Version: 3.1.3 - )
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) - Czech (x32 Version: 10.1.8 - Adobe Systems Incorporated)
Aegisub 2.1.9 (x32 Version: 2.1.9 - Aegisub Team)
Altap Salamander 2.54 (x32 Version: 2.54 - ALTAP)
Apple Application Support (x32 Version: 2.3 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Assassins Creed IV Black Flag version 1.0.0.0 (x32 Version: 1.0.0.0 - RePack by SEYTER)
ASUS nVidia Driver (x32 Version: 1.00.0000 - ASUSTek) Hidden
Batman: Arkham City GOTY (x32 Version: - Rocksteady Studios)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
CCleaner (Version: 3.26 - Piriform)
DAEMON Tools Lite (x32 Version: 4.45.4.0314 - DT Soft Ltd)
Dual-Core Optimizer (x32 Version: 1.1.4.0169 - AMD)
ESET Smart Security (Version: 5.0.94.0 - ESET, spol. s r.o.)
FIFA 14 (x32 Version: 1.0.0.4 - Electronic Arts)
ICQ7M (x32 Version: 7.8 - ICQ)
Injustice: Gods Among Us Ultimate Edition (x32 Version: - NetherRealm Studios)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
K-Lite Codec Pack 5.1.0 (Basic) (x32 Version: 5.1.0 - )
Macromedia Extension Manager (x32 Version: 1.7.240 - Macromedia, Inc.)
Macromedia Flash 8 (x32 Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (x32 Version: 1.00.0000 - Macromedia)
Macromedia Flash Player 8 Plugin (x32 Version: 8.0.22.0 - Macromedia)
Media Player Classic - Home Cinema 1.6.1.4235 (x32 Version: 1.6.1.4235 - MPC-HC Team)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile CSY Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 cs) (x32 Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0.1 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Mumble 1.2.3 (x32 Version: 1.2.3 - Thorvald Natvig)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (x32 Version: 1 - )
NVIDIA 3D Vision Controller Driver (x32 Version: 267.67 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 267.85 (Version: 267.85 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.41.0 - NVIDIA Corporation) Hidden
NVIDIA Ovladač HD audia 1.2.22.1 (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 267.85 (Version: 267.85 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA Systémový software PhysX 9.10.0514 (Version: 9.10.0514 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593 - Apache Software Foundation)
Origin (x32 Version: 9.3.11.2762 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 267.85 (Version: 267.85 - NVIDIA Corporation) Hidden
PhotoFiltre 7 (HKCU Version: - )
PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)
QuickTime (x32 Version: 7.73.80.64 - Apple Inc.)
Realtek Ethernet Controller Driver (x32 Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (Version: 3.0.6 - TeamSpeak Systems GmbH)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Winamp (x32 Version: 5.623 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.11 (64-bit) (Version: 4.11.0 - win.rar GmbH)
World of Warcraft (x32 Version: - Blizzard Entertainment)

==================== Restore Points =========================

12-02-2014 21:34:43 Windows Update
16-02-2014 10:42:18 Operace obnovení
16-02-2014 10:59:27 Windows Update
16-02-2014 21:25:33 Windows Update
18-02-2014 18:05:49 Removed Ubisoft Game Launcher
18-02-2014 18:13:25 Windows Update
18-02-2015 16:43:08 Operace obnovení

==================== Hosts content: ==========================

2009-07-14 03:34 - 2015-02-18 17:54 - 00008953 ____A C:\Windows\system32\Drivers\etc\hosts
216.239.32.20 google.com www.google.com
216.239.32.20 google.com www.google.ad
216.239.32.20 google.com www.google.ae
216.239.32.20 google.com www.google.com.af
216.239.32.20 google.com www.google.com.ag
216.239.32.20 google.com www.google.com.ai
216.239.32.20 google.com www.google.al
216.239.32.20 google.com www.google.am
216.239.32.20 google.com www.google.co.ao
216.239.32.20 google.com www.google.com.ar
216.239.32.20 google.com www.google.as
216.239.32.20 google.com www.google.at
216.239.32.20 google.com www.google.com.au
216.239.32.20 google.com www.google.az
216.239.32.20 google.com www.google.ba
216.239.32.20 google.com www.google.com.bd
216.239.32.20 google.com www.google.be
216.239.32.20 google.com www.google.bf
216.239.32.20 google.com www.google.bg
216.239.32.20 google.com www.google.com.bh
216.239.32.20 google.com www.google.bi
216.239.32.20 google.com www.google.bj
216.239.32.20 google.com www.google.com.bn
216.239.32.20 google.com www.google.com.bo
216.239.32.20 google.com www.google.com.br
216.239.32.20 google.com www.google.bs
216.239.32.20 google.com www.google.bt
216.239.32.20 google.com www.google.co.bw
216.239.32.20 google.com www.google.by

There are 162 more lines.

==================== Scheduled Tasks (whitelisted) =============

Task: {33A755F0-81D7-48B2-8338-F5569E138A9A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {AEB58EFF-8B22-4C4F-A37C-5544766F4CE9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {D6E4BEB3-BE1E-4351-8185-A1305EBEA057} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-05-26 15:01 - 2012-02-17 19:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2015-02-18 17:54 - 2014-02-17 14:20 - 00191320 _____ () C:\Users\Honza\AppData\Local\PirritSuggestor\PirritDesktop.exe
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-02-18 18:12 - 2014-02-18 18:12 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-05 16:50 - 2014-02-05 16:50 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/18/2014 07:09:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2014 07:07:49 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: nvvsvc.exe, verze: 8.17.13.697, časové razítko: 0x506b416b
Název chybujícího modulu: nvvsvc.exe, verze: 8.17.13.697, časové razítko: 0x506b416b
Kód výjimky: 0x40000015
Posun chyby: 0x000000000004e825
ID chybujícího procesu: 0x478
Čas spuštění chybující aplikace: 0xnvvsvc.exe0
Cesta k chybující aplikaci: nvvsvc.exe1
Cesta k chybujícímu modulu: nvvsvc.exe2
ID zprávy: nvvsvc.exe3

Error: (02/18/2015 05:52:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2015 05:51:21 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: nvvsvc.exe, verze: 8.17.13.697, časové razítko: 0x506b416b
Název chybujícího modulu: nvvsvc.exe, verze: 8.17.13.697, časové razítko: 0x506b416b
Kód výjimky: 0x40000015
Posun chyby: 0x000000000004e825
ID chybujícího procesu: 0x548
Čas spuštění chybující aplikace: 0xnvvsvc.exe0
Cesta k chybující aplikaci: nvvsvc.exe1
Cesta k chybujícímu modulu: nvvsvc.exe2
ID zprávy: nvvsvc.exe3

Error: (02/18/2015 05:39:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2015 05:39:11 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (02/18/2015 05:37:44 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: nvvsvc.exe, verze: 8.17.13.697, časové razítko: 0x506b416b
Název chybujícího modulu: nvvsvc.exe, verze: 8.17.13.697, časové razítko: 0x506b416b
Kód výjimky: 0x40000015
Posun chyby: 0x000000000004e825
ID chybujícího procesu: 0x480
Čas spuštění chybující aplikace: 0xnvvsvc.exe0
Cesta k chybující aplikaci: nvvsvc.exe1
Cesta k chybujícímu modulu: nvvsvc.exe2
ID zprávy: nvvsvc.exe3

Error: (02/18/2015 05:11:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2015 05:10:46 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (02/18/2015 05:09:35 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: nvvsvc.exe, verze: 8.17.13.697, časové razítko: 0x506b416b
Název chybujícího modulu: nvvsvc.exe, verze: 8.17.13.697, časové razítko: 0x506b416b
Kód výjimky: 0x40000015
Posun chyby: 0x000000000004e825
ID chybujícího procesu: 0x594
Čas spuštění chybující aplikace: 0xnvvsvc.exe0
Cesta k chybující aplikaci: nvvsvc.exe1
Cesta k chybujícímu modulu: nvvsvc.exe2
ID zprávy: nvvsvc.exe3

System errors:
=============
Error: (02/18/2014 07:09:03 PM) (Source: Service Control Manager) (User: )
Description: Služba PirritUpdater přestala během spouštění reagovat.

Error: (02/18/2014 07:09:02 PM) (Source: Service Control Manager) (User: )
Description: Služba PirritDesktop přestala během spouštění reagovat.

Error: (02/18/2014 06:53:49 PM) (Source: Service Control Manager) (User: )
Description: Služba PirritDesktop byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/18/2014 06:29:01 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (02/18/2014 06:28:41 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (02/18/2014 06:28:20 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (02/18/2014 05:58:12 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (02/18/2014 05:57:51 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (02/18/2014 05:57:29 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (02/18/2015 05:54:14 PM) (Source: Service Control Manager) (User: )
Description: Služba PirritDesktop je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Microsoft Office Sessions:
=========================
Error: (02/18/2014 07:09:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2014 07:07:49 PM) (Source: Application Error)(User: )
Description: nvvsvc.exe8.17.13.697506b416bnvvsvc.exe8.17.13.697506b416b40000015000000000004e82547801cf2cd449abe36dC:\Windows\system32\nvvsvc.exeC:\Windows\system32\nvvsvc.exe93062ea5-98c7-11e3-90fb-5404a6b4f80b

Error: (02/18/2015 05:52:59 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2015 05:51:21 PM) (Source: Application Error)(User: )
Description: nvvsvc.exe8.17.13.697506b416bnvvsvc.exe8.17.13.697506b416b40000015000000000004e82554801d04b9b16a1f9ffC:\Windows\system32\nvvsvc.exeC:\Windows\system32\nvvsvc.exe5d6686ab-b78e-11e4-89ab-5404a6b4f80b

Error: (02/18/2015 05:39:15 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2015 05:39:11 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (02/18/2015 05:37:44 PM) (Source: Application Error)(User: )
Description: nvvsvc.exe8.17.13.697506b416bnvvsvc.exe8.17.13.697506b416b40000015000000000004e82548001d04b992cf586dcC:\Windows\system32\nvvsvc.exeC:\Windows\system32\nvvsvc.exe76712558-b78c-11e4-9b26-5404a6b4f80b

Error: (02/18/2015 05:11:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2015 05:10:46 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (02/18/2015 05:09:35 PM) (Source: Application Error)(User: )
Description: nvvsvc.exe8.17.13.697506b416bnvvsvc.exe8.17.13.697506b416b40000015000000000004e82559401d04b953d3d25d3C:\Windows\system32\nvvsvc.exeC:\Windows\system32\nvvsvc.exe8787dc08-b788-11e4-9c4a-5404a6b4f80b

==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 8174.29 MB
Available physical RAM: 6036.36 MB
Total Pagefile: 16346.77 MB
Available Pagefile: 14186.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1397.17 GB) (Free:858.23 GB) NTFS
Drive e: (FOOTBALL MANAGER) (CDROM) (Total:2.01 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 192975ED)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-698828718080) - (Type=07 NTFS)

==================== End Of Log ============================

#4 Příspěvek od **vyosek** » 18 úno 2014 20:37

Yet Another Cleaner odinstalujte - jedna se o podvodny program

Stahnete Host permissions http://www.bleepingcomputer.com/download/hosts-permbat/

Ulozte na plochu a spustte
Probehne oprava, objevi se hlaska o uspesne resetu prav k hosts souboru
Stisknete libovolnou klavesu k ukonceni

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
KU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7M\ICQ.exe [127040 2012-05-16] (ICQ, LLC.)
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1815976 2014-01-27] (Valve Corporation)
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\MountPoints2: {425624a9-a025-11e1-a6bb-5404a6b4f80b} - E:\setup.exe
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\MountPoints2: {92b9828d-6ed4-11e3-afb1-5404a6b4f80b} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\MountPoints2: {a8f2bea9-7524-11e3-a10a-5404a6b4f80b} - E:\HTC_Sync_Manager_PC.exe

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=http://127.0.0.1:9880

FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File

U2 PirritDesktop; C:\Users\Honza\AppData\Local\PirritSuggestor\PirritService.exe [52568 2014-02-17] ()
R2 PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [59904 2014-02-17] ()

C:\Users\Honza\AppData\Local\PirritSuggestor
C:\Program Files (x86)\Pirrit

Hosts:
CMD: shutdown /r /f /t 2

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

HoLoW · #5 Příspěvek od **HoLoW** » 18 úno 2014 20:48

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-02-2014
Ran by Honza at 2014-02-18 20:44:27 Run:1
Running from C:\Users\Honza\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
KU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7M\ICQ.exe [127040 2012-05-16] (ICQ, LLC.)
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1815976 2014-01-27] (Valve Corporation)
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\MountPoints2: {425624a9-a025-11e1-a6bb-5404a6b4f80b} - E:\setup.exe
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\MountPoints2: {92b9828d-6ed4-11e3-afb1-5404a6b4f80b} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\MountPoints2: {a8f2bea9-7524-11e3-a10a-5404a6b4f80b} - E:\HTC_Sync_Manager_PC.exe

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=http://127.0.0.1:9880

FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File

U2 PirritDesktop; C:\Users\Honza\AppData\Local\PirritSuggestor\PirritService.exe [52568 2014-02-17] ()
R2 PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [59904 2014-02-17] ()

C:\Users\Honza\AppData\Local\PirritSuggestor
C:\Program Files (x86)\Pirrit

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => Value deleted successfully.
HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{425624a9-a025-11e1-a6bb-5404a6b4f80b} => Key not found.
HKCR\CLSID\{425624a9-a025-11e1-a6bb-5404a6b4f80b} => Key not found.
HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{92b9828d-6ed4-11e3-afb1-5404a6b4f80b} => Key not found.
HKCR\CLSID\{92b9828d-6ed4-11e3-afb1-5404a6b4f80b} => Key not found.
HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a8f2bea9-7524-11e3-a10a-5404a6b4f80b} => Key not found.
HKCR\CLSID\{a8f2bea9-7524-11e3-a10a-5404a6b4f80b} => Key not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc => Key deleted successfully.
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll not found.
PirritDesktop => Service deleted successfully.
PirritUpdater => Service deleted successfully.
C:\Users\Honza\AppData\Local\PirritSuggestor => Moved successfully.
C:\Program Files (x86)\Pirrit => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

The system needs a manual reboot.

==== End of Fixlog ====

#6 Příspěvek od **vyosek** » 18 úno 2014 20:52

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

HoLoW · #7 Příspěvek od **HoLoW** » 18 úno 2014 20:58

# AdwCleaner v3.019 - Report created 18/02/2014 at 20:56:18
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Honza - HONZA-PC
# Running from : C:\Users\Honza\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Honza\AppData\Local\Pirrit Suggestor
Folder Deleted : C:\Users\Honza\AppData\Roaming\Pirrit
Folder Deleted : C:\Users\Honza\AppData\Roaming\Systweak
File Deleted : C:\Windows\System32\roboot64.exe

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\torch
Key Deleted : HKLM\Software\caphyon
Key Deleted : HKLM\Software\Pirrit
Key Deleted : HKLM\Software\torch
Key Deleted : [x64] HKLM\SOFTWARE\Pirrit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\2v354g31.default-1391862899672\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2469 octets] - [18/02/2014 20:55:52]
AdwCleaner[S0].txt - [2347 octets] - [18/02/2014 20:56:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2407 octets] ##########

HoLoW · #8 Příspěvek od **HoLoW** » 18 úno 2014 21:28

Zoek.exe v5.0.0.0 Updated 17-February-2014
Tool run by Honza on Łt 18.02.2014 at 21:19:32,55.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Honza\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

18.2.2014 21:20:45 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\2v354g31.default-1391862899672\prefs.js:

Added to C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\2v354g31.default-1391862899672\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\found.000 deleted
C:\PROGRA~3\xmlBCF8.tmp deleted
C:\PROGRA~3\xmlBE02.tmp deleted
C:\PROGRA~3\xmlBE12.tmp deleted
C:\PROGRA~3\xmlBE13.tmp deleted
C:\PROGRA~3\xmlEF4D.tmp deleted
C:\PROGRA~3\xmlEF6E.tmp deleted
C:\PROGRA~3\xmlEF6F.tmp deleted
C:\PROGRA~3\xmlEF70.tmp deleted
C:\PROGRA~3\Package Cache deleted

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\2v354g31.default-1391862899672
FD6ACD9D85177259D442A0C4AC15F7B8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll - Shockwave Flash

==== Chrome Look ======================

Pirrit Suggestor - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Honza\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Honza\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Honza\AppData\Local\Mozilla\Firefox\Profiles\2v354g31.default-1391862899672\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=26 folders=18 14712872 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Honza\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Honza\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Łt 18.02.2014 at 21:27:41,15 ======================

#9 Příspěvek od **vyosek** » 19 úno 2014 06:18

Poprosim o novy log z FRST

HoLoW · #10 Příspěvek od **HoLoW** » 19 úno 2014 16:17

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by Honza (administrator) on HONZA-PC on 19-02-2014 16:14:55
Running from C:\Users\Honza\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ICQ, LLC.) C:\Program Files (x86)\ICQ7M\ICQ.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [4035152 2011-09-22] (ESET)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7M\ICQ.exe [127040 2012-05-16] (ICQ, LLC.)
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\MountPoints2: {425624a9-a025-11e1-a6bb-5404a6b4f80b} - E:\setup.exe
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\MountPoints2: {92b9828d-6ed4-11e3-afb1-5404a6b4f80b} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\MountPoints2: {a8f2bea9-7524-11e3-a10a-5404a6b4f80b} - E:\HTC_Sync_Manager_PC.exe
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\2v354g31.default-1391862899672
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-05-15]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-05-15]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (No Name) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc [2013-12-28]
CHR Extension: (Google Drive) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-09]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-09]
CHR Extension: (Google Search) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-09]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-09]

==================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [974944 2011-09-22] (ESET)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-02-05] ()

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-18] (DT Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202576 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146432 2011-08-04] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [187632 2011-08-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2011-08-04] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2011-08-04] (ESET)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-19 16:14 - 2014-02-19 16:14 - 00000000 ____D () C:\Users\Honza\Desktop\FRST-OlderVersion
2014-02-19 15:37 - 2014-02-19 15:37 - 00000000 ____D () C:\Users\Honza\AppData\Local\CrashDumps
2014-02-18 23:44 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-18 23:44 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-18 23:43 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-18 23:43 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-18 23:43 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-18 23:43 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-18 23:43 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-18 23:43 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-18 23:43 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-18 23:43 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-18 23:43 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-18 23:43 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-18 23:43 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-18 23:43 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-18 23:43 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-18 23:43 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-18 23:43 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-18 23:43 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-18 23:43 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-18 23:43 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-18 23:43 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-18 23:43 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-18 23:43 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-18 23:43 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-18 23:43 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-18 23:43 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-18 23:43 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-18 23:43 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-18 23:43 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-18 23:43 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-18 23:43 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-18 23:43 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-18 23:43 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-18 23:43 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-18 23:43 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-18 23:43 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-18 23:43 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-18 23:43 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-18 23:43 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-18 23:43 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-18 23:43 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-18 21:26 - 2014-02-18 21:19 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-02-18 21:20 - 2014-02-18 21:27 - 00006769 _____ () C:\zoek-results.log
2014-02-18 21:19 - 2014-02-18 21:25 - 00000000 ____D () C:\zoek_backup
2014-02-18 20:54 - 2014-02-18 20:56 - 00000000 ____D () C:\AdwCleaner
2014-02-18 20:53 - 2014-02-18 20:54 - 01284608 _____ () C:\Users\Honza\Desktop\zoek.exe
2014-02-18 20:53 - 2014-02-18 20:53 - 01241834 _____ () C:\Users\Honza\Desktop\adwcleaner.exe
2014-02-18 20:41 - 2014-02-18 20:41 - 00000194 _____ () C:\Users\Honza\Desktop\hosts-perm.bat
2014-02-18 19:30 - 2014-02-18 19:30 - 00019312 _____ () C:\Users\Honza\Desktop\Addition.txt
2014-02-18 19:29 - 2014-02-19 16:15 - 00008746 _____ () C:\Users\Honza\Desktop\FRST.txt
2014-02-18 19:29 - 2014-02-19 16:14 - 00000000 ____D () C:\FRST
2014-02-18 19:28 - 2014-02-19 16:14 - 02153472 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2014-02-18 19:17 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-18 19:17 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-18 19:17 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-18 19:17 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-18 19:17 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-18 19:17 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-18 19:17 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-18 19:17 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-18 19:17 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-18 19:17 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-18 19:17 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-18 19:17 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-18 19:17 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-18 19:17 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-18 19:17 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-18 19:17 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-18 19:17 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-18 19:17 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-18 19:17 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-18 19:17 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-18 19:17 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-18 19:17 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-18 19:17 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-18 19:17 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-18 19:17 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-18 19:17 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-18 19:07 - 2014-02-19 15:37 - 00000280 _____ () C:\Windows\setupact.log
2014-02-18 19:07 - 2014-02-18 21:27 - 00001364 _____ () C:\Windows\PFRO.log
2014-02-18 19:07 - 2014-02-18 19:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-18 18:12 - 2014-02-18 18:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-18 16:36 - 2014-02-18 22:41 - 00000000 ____D () C:\Users\Honza\AppData\Local\Origin
2014-02-16 12:00 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-16 12:00 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-03 15:20 - 2014-02-03 15:20 - 00001249 _____ () C:\Users\Public\Desktop\Assassins Creed IV Black Flag.lnk
2014-02-03 15:10 - 2014-02-03 15:24 - 00000000 ____D () C:\Program Files (x86)\Assassins Creed IV Black Flag

==================== One Month Modified Files and Folders =======

2015-02-18 17:51 - 2012-05-16 16:59 - 00000000 ____D () C:\Users\Honza
2015-02-18 17:49 - 2013-12-08 12:20 - 00000000 ____D () C:\Users\Honza\Documents\Assassin's Creed IV Black Flag
2015-02-18 17:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-02-18 17:48 - 2013-11-18 15:54 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2015-02-18 17:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-02-18 17:46 - 2012-05-16 17:21 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Winamp
2015-02-18 17:45 - 2012-05-16 19:26 - 00000000 ____D () C:\ProgramData\Battle.net
2014-02-19 16:15 - 2014-02-18 19:29 - 00008746 _____ () C:\Users\Honza\Desktop\FRST.txt
2014-02-19 16:14 - 2014-02-19 16:14 - 00000000 ____D () C:\Users\Honza\Desktop\FRST-OlderVersion
2014-02-19 16:14 - 2014-02-18 19:29 - 00000000 ____D () C:\FRST
2014-02-19 16:14 - 2014-02-18 19:28 - 02153472 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2014-02-19 16:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-19 15:50 - 2012-05-16 17:41 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-19 15:42 - 2009-07-14 05:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-19 15:42 - 2009-07-14 05:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-19 15:40 - 2012-05-15 13:09 - 01614045 _____ () C:\Windows\WindowsUpdate.log
2014-02-19 15:37 - 2014-02-19 15:37 - 00000000 ____D () C:\Users\Honza\AppData\Local\CrashDumps
2014-02-19 15:37 - 2014-02-18 19:07 - 00000280 _____ () C:\Windows\setupact.log
2014-02-19 15:37 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-18 23:50 - 2011-04-12 09:34 - 00631276 _____ () C:\Windows\system32\perfh005.dat
2014-02-18 23:50 - 2011-04-12 09:34 - 00121930 _____ () C:\Windows\system32\perfc005.dat
2014-02-18 23:50 - 2009-07-14 06:13 - 01489860 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-18 23:38 - 2013-09-26 18:51 - 00000000 ____D () C:\Users\Honza\Documents\FIFA 14
2014-02-18 22:41 - 2014-02-18 16:36 - 00000000 ____D () C:\Users\Honza\AppData\Local\Origin
2014-02-18 22:41 - 2012-11-07 18:49 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Origin
2014-02-18 22:41 - 2012-11-07 18:47 - 00000000 ____D () C:\ProgramData\Origin
2014-02-18 22:39 - 2013-09-26 14:43 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-02-18 21:27 - 2014-02-18 21:20 - 00006769 _____ () C:\zoek-results.log
2014-02-18 21:27 - 2014-02-18 19:07 - 00001364 _____ () C:\Windows\PFRO.log
2014-02-18 21:25 - 2014-02-18 21:19 - 00000000 ____D () C:\zoek_backup
2014-02-18 21:19 - 2014-02-18 21:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-02-18 20:56 - 2014-02-18 20:54 - 00000000 ____D () C:\AdwCleaner
2014-02-18 20:54 - 2014-02-18 20:53 - 01284608 _____ () C:\Users\Honza\Desktop\zoek.exe
2014-02-18 20:53 - 2014-02-18 20:53 - 01241834 _____ () C:\Users\Honza\Desktop\adwcleaner.exe
2014-02-18 20:41 - 2014-02-18 20:41 - 00000194 _____ () C:\Users\Honza\Desktop\hosts-perm.bat
2014-02-18 19:30 - 2014-02-18 19:30 - 00019312 _____ () C:\Users\Honza\Desktop\Addition.txt
2014-02-18 19:09 - 2013-07-22 13:57 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-18 19:07 - 2014-02-18 19:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-18 19:07 - 2012-05-16 17:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-18 18:46 - 2012-06-08 16:27 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\uTorrent
2014-02-18 18:46 - 2012-05-18 14:35 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Media Player Classic
2014-02-18 18:28 - 2013-12-28 15:23 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-02-18 18:12 - 2014-02-18 18:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-16 19:08 - 2013-09-26 14:43 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-02-09 18:23 - 2012-07-05 19:10 - 00000000 ____D () C:\Users\Honza\Desktop\Movies
2014-02-08 13:35 - 2012-05-20 22:37 - 00000000 ___RD () C:\Users\Honza\Desktop\Foto
2014-02-06 13:16 - 2014-02-18 23:43 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-18 23:43 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-18 23:43 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-18 23:43 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-18 23:43 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-18 23:43 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-18 23:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-18 23:43 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-18 23:43 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-18 23:43 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-18 23:43 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-18 23:43 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-18 23:43 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-18 23:43 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-18 23:43 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-18 23:43 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-18 23:43 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-18 23:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-18 23:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-18 23:43 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-18 23:43 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-18 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-18 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-18 23:43 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-18 23:43 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-18 23:43 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-18 23:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-18 23:43 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-18 23:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-18 23:43 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-18 23:43 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-18 23:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-18 23:43 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-18 23:43 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-18 23:43 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-18 23:43 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-18 23:43 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-18 23:43 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-18 23:43 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 16:50 - 2013-12-11 17:50 - 05556104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-05 16:50 - 2012-05-16 17:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 16:50 - 2012-05-16 17:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 16:50 - 2012-05-16 17:41 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 16:35 - 2013-06-15 14:06 - 00038698 _____ () C:\Users\Honza\Desktop\Narozky.odt
2014-02-03 15:24 - 2014-02-03 15:10 - 00000000 ____D () C:\Program Files (x86)\Assassins Creed IV Black Flag
2014-02-03 15:21 - 2012-12-27 18:29 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-02-03 15:20 - 2014-02-03 15:20 - 00001249 _____ () C:\Users\Public\Desktop\Assassins Creed IV Black Flag.lnk
2014-02-03 15:20 - 2012-12-27 18:29 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-02-03 15:05 - 2012-05-18 15:10 - 00000000 ____D () C:\Games
2014-02-03 15:00 - 2013-12-08 11:32 - 00000000 ____D () C:\Users\Honza\Desktop\Assassin's Creed IV Black Flag
2014-01-23 19:56 - 2012-05-18 14:36 - 00000000 ___RD () C:\Users\Honza\Desktop\Anime

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-19 16:04

==================== End Of Log ============================

#11 Příspěvek od **vyosek** » 23 úno 2014 09:28

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7M\ICQ.exe [127040 2012-05-16] (ICQ, LLC.)
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\MountPoints2: {425624a9-a025-11e1-a6bb-5404a6b4f80b} - E:\setup.exe
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\MountPoints2: {92b9828d-6ed4-11e3-afb1-5404a6b4f80b} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1025233422-2582190980-4078685208-1000\...\MountPoints2: {a8f2bea9-7524-11e3-a10a-5404a6b4f80b} - E:\HTC_Sync_Manager_PC.exe
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

2014-02-18 21:26 - 2014-02-18 21:19 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-02-18 21:20 - 2014-02-18 21:27 - 00006769 _____ () C:\zoek-results.log
2014-02-18 21:19 - 2014-02-18 21:25 - 00000000 ____D () C:\zoek_backup
2014-02-18 20:54 - 2014-02-18 20:56 - 00000000 ____D () C:\AdwCleaner
2014-02-18 20:53 - 2014-02-18 20:54 - 01284608 _____ () C:\Users\Honza\Desktop\zoek.exe
2014-02-18 20:53 - 2014-02-18 20:53 - 01241834 _____ () C:\Users\Honza\Desktop\adwcleaner.exe
2014-02-18 20:41 - 2014-02-18 20:41 - 00000194 _____ () C:\Users\Honza\Desktop\hosts-perm.bat
2014-02-18 19:30 - 2014-02-18 19:30 - 00019312 _____ () C:\Users\Honza\Desktop\Addition.txt
2014-02-18 19:29 - 2014-02-19 16:15 - 00008746 _____ () C:\Users\Honza\Desktop\FRST.txt

Hosts:
CMD: shutdown /r /f /t 2

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

VIRY.CZ

awardhotspot

awardhotspot

Re: awardhotspot

Re: awardhotspot

Re: awardhotspot

Re: awardhotspot

Re: awardhotspot

Re: awardhotspot

Re: awardhotspot

Re: awardhotspot

Re: awardhotspot

Re: awardhotspot