Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Policejní vir

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Valigurska17
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 22 úno 2014 13:08

Policejní vir

#1 Příspěvek od Valigurska17 »

Dobrý den, včera se mi na notebooku objevil policejní vir a na chvíli mi to zablokovalo prohlížeč. Může to mít nějaké následky? Nebo s tím už nemám dělat nic?
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Policejní vir

#2 Příspěvek od vyosek »

Zdravim :)

:arrow: Dejte log dle tohoto http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Valigurska17
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 22 úno 2014 13:08

Re: Policejní vir

#3 Příspěvek od Valigurska17 »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2014 02
Ran by PC (administrator) on PC-PC on 24-02-2014 15:52:39
Running from C:\Users\PC\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
() C:\Program Files (x86)\Tor\tor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
(Bogdan Sharkov) C:\Program Files\Clownfish\Clownfish.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Windows\inf\mskejxlwn\mskejxlwn.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Google Inc.) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher (1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860040 2011-01-06] (Acer Incorporated)
HKLM\...\Run: [AutoKMS] - C:\Windows\AutoKMS.exe [615936 2013-12-29] ()
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [38112 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [266496 2011-06-17] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [msnohuSrv] - C:\Windows\inf\msnohu.vbe [1558 2013-08-27] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Microsoft Office 2007\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-03-17] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [619008 2010-05-25] (Nikon Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2143461387-1268236248-1946530696-1000\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\S-1-5-21-2143461387-1268236248-1946530696-1000\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\...\Run: [Google Update] - C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-06] (Google Inc.)
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-23] (Nero AG)
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\...\Run: [Clownfish] - C:\Program Files\Clownfish\Clownfish.exe [1259768 2013-02-20] (Bogdan Sharkov)
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\...\Run: [ConduitFloatingPlugin_cflheckfmhopnialghigdlggahiomebp] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\PC\AppData\Local\Temp\CT3289075\plugins\TBVerifier.dll",RunConduitFloatingPlugin cflheckfmhopnialghigdlggahiomebp <===== ATTENTION
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [241984 2011-10-25] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=119529 ... D819273874
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=119529 ... D819273874
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchT ... D819273874
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Microsoft Office 2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Microsoft Office 2007\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

Chrome:
=======
CHR HomePage: hxxp://www.delta-search.com/?affID=119529&babs ... D819273874
CHR DefaultSearchKeyword: delta-search.com
CHR DefaultSearchProvider: Delta Search
CHR DefaultSearchURL: http://www.delta-search.com/?q={searchT ... D819273874
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Users\PC\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\PC\AppData\Local\Google\Chrome\Application\33.0.1750.117\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\PC\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\PC\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\PC\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (The Vampire Diaries 001) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkhfjdehckdomepilagalhldddpcakk [2013-05-02]
CHR Extension: (Delta Toolbar) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-03-25]
CHR Extension: (Skype Click to Call) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-19]
CHR Extension: (Norton Identity Protection) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-08-13]
CHR Extension: (Peněženka Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\PC\AppData\Roaming\BabSolution\CR\Delta.crx [2013-03-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\Exts\Chrome.crx [2013-02-06]

==================== Services (Whitelisted) =================

S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-02-06] (Just Develop It)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
S3 Microsoft Office Groove Audit Service; C:\Microsoft Office 2007\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-10-23] (Nero AG)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-03] ()

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20121005.002\BHDrvx64.sys [1385632 2012-10-05] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-09-05] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20121101.001\IDSvia64.sys [513184 2012-09-01] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121101.002\ENG64.SYS [126112 2012-11-01] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121101.002\EX64.SYS [2084000 2012-11-01] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMDS64.SYS [451192 2011-08-15] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-08-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS [190072 2011-11-16] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS [405624 2011-11-16] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-24 15:52 - 2014-02-24 15:53 - 00018469 _____ () C:\Users\PC\Desktop\FRST.txt
2014-02-24 15:51 - 2014-02-24 15:52 - 00000000 ____D () C:\FRST
2014-02-24 15:50 - 2014-02-24 15:50 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher (1).exe
2014-02-24 15:44 - 2014-02-24 15:44 - 02155520 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2014-02-24 15:40 - 2014-02-24 15:40 - 00112107 _____ (forum.viry.cz) C:\Users\PC\Desktop\Nepotvrzeno 469589.crdownload
2014-02-24 14:31 - 2014-02-24 14:31 - 00000000 ____D () C:\Users\PC\Desktop\Kika a Jirka
2014-02-22 14:35 - 2014-02-22 14:35 - 00000989 _____ () C:\Users\PC\Desktop\Rajče průvodce.lnk
2014-02-22 13:41 - 2014-02-22 14:05 - 00000000 ____D () C:\Program Files (x86)\rajce
2014-02-22 08:43 - 2014-02-22 08:43 - 00001546 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2014-02-22 08:42 - 2014-02-22 08:43 - 00000000 ____D () C:\Users\PC\AppData\Local\gtk-2.0
2014-02-22 08:37 - 2014-02-22 08:37 - 00000000 ____D () C:\Users\PC\.thumbnails
2014-02-19 16:16 - 2014-02-24 02:27 - 00000031 _____ () C:\Users\PC\AppData\Roaming\WB.CFG
2014-02-19 15:15 - 2014-02-19 18:47 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-02-19 15:15 - 2014-02-19 15:16 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-02-19 15:15 - 2014-02-19 15:15 - 00000000 ____D () C:\Users\PC\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2014-02-19 15:14 - 2014-02-24 15:16 - 00000280 _____ () C:\Windows\Tasks\Digital Sites.job
2014-02-19 15:14 - 2014-02-19 15:16 - 00003208 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-19 15:14 - 2014-02-19 15:14 - 00000000 ____D () C:\Users\PC\AppData\Roaming\DigitalSites
2014-02-19 15:14 - 2014-02-19 15:14 - 00000000 ____D () C:\Program Files (x86)\OpenIt
2014-02-16 12:12 - 2014-02-16 12:12 - 00000000 ____D () C:\Users\PC\Documents\Any Video Converter
2014-02-16 12:12 - 2014-02-16 12:12 - 00000000 ____D () C:\Users\PC\AppData\Roaming\AnvSoft
2014-02-16 12:11 - 2014-02-16 12:11 - 00001207 _____ () C:\Users\PC\Desktop\Any Video Converter.lnk
2014-02-16 12:11 - 2014-02-16 12:11 - 00000000 ____D () C:\Program Files (x86)\AnvSoft
2014-02-16 11:40 - 2014-02-16 11:40 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Apple Computer
2014-02-16 11:40 - 2014-02-16 11:40 - 00000000 ____D () C:\Users\PC\AppData\Local\Apple Computer
2014-02-15 23:41 - 2014-02-15 23:41 - 00011814 _____ () C:\Windows\PFRO.log
2014-02-15 18:55 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-15 18:55 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-15 18:52 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-15 18:52 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-15 18:52 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-15 18:52 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-15 18:52 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-15 18:52 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-15 18:52 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-15 18:52 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-15 18:52 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-15 18:52 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-15 18:52 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-15 18:52 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-15 18:52 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-15 18:52 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-15 18:52 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-15 18:52 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-15 18:52 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-15 18:52 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-15 18:52 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-15 18:52 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-15 18:52 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-15 18:52 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-15 18:52 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-15 18:52 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-15 18:52 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-15 18:52 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-15 18:52 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-15 18:52 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-15 18:52 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-15 18:52 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-15 18:52 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-15 18:52 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-15 18:52 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-15 18:52 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-15 18:52 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-15 18:52 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-15 18:52 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-15 18:52 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-15 18:52 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-14 05:43 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-14 05:43 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-14 05:43 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-14 05:43 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-14 05:43 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 05:43 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-14 05:43 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-14 05:43 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-14 05:43 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-14 05:43 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-14 05:43 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 05:43 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-14 05:43 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 05:43 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-14 05:43 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-14 05:43 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 05:43 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 05:43 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-14 05:43 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-14 05:43 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-14 05:43 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-14 05:43 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-14 05:43 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-14 05:43 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-14 05:43 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-14 05:43 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-14 05:43 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-14 05:43 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 18:17 - 2014-02-22 08:43 - 00000000 ____D () C:\Users\PC\.gimp-2.8
2014-02-12 18:17 - 2014-02-19 15:08 - 00000930 _____ () C:\Users\PC\Desktop\GIMP 2.lnk
2014-02-12 18:17 - 2014-02-12 18:17 - 00000000 ____D () C:\Users\PC\AppData\Local\gegl-0.2
2014-02-12 18:15 - 2014-02-12 18:16 - 00000000 ____D () C:\Program Files\GIMP 2
2014-02-02 19:38 - 2014-02-02 19:39 - 00000000 ____D () C:\cbf59032eb44c00221c9ec96
2014-02-01 21:39 - 2014-02-01 21:39 - 00000000 ____D () C:\ProgramData\Nikon
2014-02-01 17:30 - 2014-02-01 17:30 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Nikon
2014-02-01 17:30 - 2014-02-01 17:30 - 00000000 ____D () C:\Users\PC\AppData\Local\Nikon
2014-02-01 17:30 - 2014-02-01 17:30 - 00000000 _____ () C:\Windows\ViewNX2.INI
2014-02-01 17:12 - 2014-02-01 17:30 - 00000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-02-01 17:12 - 2014-02-01 17:12 - 00001970 _____ () C:\Users\Public\Desktop\ViewNX 2.lnk
2014-02-01 17:12 - 2014-02-01 17:12 - 00000268 ___RH () C:\Users\PC\AppData\Roaming\Audio
2014-02-01 17:12 - 2014-02-01 17:12 - 00000268 ___RH () C:\Users\PC\AppData\Roaming\Applications
2014-02-01 17:12 - 2014-02-01 17:12 - 00000268 ___RH () C:\Users\PC\AppData\Roaming\Application Support
2014-02-01 17:12 - 2014-02-01 17:12 - 00000268 ___RH () C:\ProgramData\Automatic Filter
2014-02-01 17:12 - 2014-02-01 17:12 - 00000268 ___RH () C:\ProgramData\Authentication
2014-02-01 17:12 - 2014-02-01 17:12 - 00000268 ___RH () C:\ProgramData\Audio Units
2014-02-01 17:12 - 2014-02-01 17:12 - 00000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-02-01 17:12 - 2014-02-01 17:12 - 00000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-02-01 17:12 - 2014-02-01 17:12 - 00000000 ____D () C:\ProgramData\Ultima_T15
2014-02-01 17:12 - 2014-02-01 17:12 - 00000000 ____D () C:\ProgramData\LaserPrinter
2014-02-01 17:12 - 2014-02-01 17:12 - 00000000 ____D () C:\ProgramData\Jazz
2014-02-01 17:12 - 2014-02-01 17:12 - 00000000 ____D () C:\ProgramData\Importer
2014-02-01 17:12 - 2014-02-01 17:12 - 00000000 ____D () C:\ProgramData\EnterNHelp
2014-02-01 17:12 - 2014-02-01 17:11 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ATL71.DLL
2014-02-01 17:11 - 2014-02-01 17:24 - 00000000 ____D () C:\Program Files (x86)\Nikon
2014-02-01 17:11 - 2014-02-01 17:11 - 00001849 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-02-01 17:10 - 2014-02-01 17:11 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-02-01 17:10 - 2014-02-01 17:10 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-01 17:08 - 2014-02-01 17:08 - 00000000 ____D () C:\ProgramData\Apple

==================== One Month Modified Files and Folders =======

2014-02-24 15:53 - 2014-02-24 15:52 - 00018469 _____ () C:\Users\PC\Desktop\FRST.txt
2014-02-24 15:52 - 2014-02-24 15:51 - 00000000 ____D () C:\FRST
2014-02-24 15:50 - 2014-02-24 15:50 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher (1).exe
2014-02-24 15:44 - 2014-02-24 15:44 - 02155520 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2014-02-24 15:41 - 2013-08-01 21:48 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-24 15:40 - 2014-02-24 15:40 - 00112107 _____ (forum.viry.cz) C:\Users\PC\Desktop\Nepotvrzeno 469589.crdownload
2014-02-24 15:25 - 2011-11-27 11:44 - 01153919 _____ () C:\Windows\WindowsUpdate.log
2014-02-24 15:16 - 2014-02-19 15:14 - 00000280 _____ () C:\Windows\Tasks\Digital Sites.job
2014-02-24 15:05 - 2012-08-06 14:18 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2143461387-1268236248-1946530696-1002UA.job
2014-02-24 15:02 - 2013-03-25 12:32 - 00000270 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-02-24 15:01 - 2013-08-24 08:56 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-02-24 14:41 - 2013-08-01 21:48 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-24 14:31 - 2014-02-24 14:31 - 00000000 ____D () C:\Users\PC\Desktop\Kika a Jirka
2014-02-24 13:31 - 2013-12-29 11:09 - 00005390 _____ () C:\Windows\setupact.log
2014-02-24 10:48 - 2012-08-06 14:18 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2143461387-1268236248-1946530696-1002Core.job
2014-02-24 10:07 - 2012-08-14 15:10 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Skype
2014-02-24 02:27 - 2014-02-19 16:16 - 00000031 _____ () C:\Users\PC\AppData\Roaming\WB.CFG
2014-02-23 12:23 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-23 12:23 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-23 12:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-22 14:35 - 2014-02-22 14:35 - 00000989 _____ () C:\Users\PC\Desktop\Rajče průvodce.lnk
2014-02-22 14:05 - 2014-02-22 13:41 - 00000000 ____D () C:\Program Files (x86)\rajce
2014-02-22 08:43 - 2014-02-22 08:43 - 00001546 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2014-02-22 08:43 - 2014-02-22 08:42 - 00000000 ____D () C:\Users\PC\AppData\Local\gtk-2.0
2014-02-22 08:43 - 2014-02-12 18:17 - 00000000 ____D () C:\Users\PC\.gimp-2.8
2014-02-22 08:37 - 2014-02-22 08:37 - 00000000 ____D () C:\Users\PC\.thumbnails
2014-02-22 08:37 - 2012-08-01 06:37 - 00000000 ____D () C:\Users\PC
2014-02-20 21:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-02-19 19:04 - 2012-10-18 14:35 - 00000000 ____D () C:\Users\PC\Documents\ŠKOLA
2014-02-19 19:04 - 2012-08-15 10:07 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-02-19 18:47 - 2014-02-19 15:15 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-02-19 18:47 - 2012-08-01 08:00 - 00000000 ___RD () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-19 18:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-19 15:16 - 2014-02-19 15:15 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-02-19 15:16 - 2014-02-19 15:14 - 00003208 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-19 15:15 - 2014-02-19 15:15 - 00000000 ____D () C:\Users\PC\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2014-02-19 15:14 - 2014-02-19 15:14 - 00000000 ____D () C:\Users\PC\AppData\Roaming\DigitalSites
2014-02-19 15:14 - 2014-02-19 15:14 - 00000000 ____D () C:\Program Files (x86)\OpenIt
2014-02-19 15:08 - 2014-02-12 18:17 - 00000930 _____ () C:\Users\PC\Desktop\GIMP 2.lnk
2014-02-19 14:31 - 2013-02-27 20:29 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-19 14:31 - 2011-10-18 09:10 - 00000000 ____D () C:\ProgramData\Skype
2014-02-18 22:00 - 2012-08-06 14:18 - 00003918 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2143461387-1268236248-1946530696-1002UA
2014-02-18 22:00 - 2012-08-06 14:18 - 00003522 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2143461387-1268236248-1946530696-1002Core
2014-02-18 14:36 - 2013-08-01 21:48 - 00003940 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-18 14:36 - 2013-08-01 21:48 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-17 13:26 - 2013-08-08 08:42 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 13:22 - 2012-11-21 11:58 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 12:12 - 2014-02-16 12:12 - 00000000 ____D () C:\Users\PC\Documents\Any Video Converter
2014-02-16 12:12 - 2014-02-16 12:12 - 00000000 ____D () C:\Users\PC\AppData\Roaming\AnvSoft
2014-02-16 12:11 - 2014-02-16 12:11 - 00001207 _____ () C:\Users\PC\Desktop\Any Video Converter.lnk
2014-02-16 12:11 - 2014-02-16 12:11 - 00000000 ____D () C:\Program Files (x86)\AnvSoft
2014-02-16 11:40 - 2014-02-16 11:40 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Apple Computer
2014-02-16 11:40 - 2014-02-16 11:40 - 00000000 ____D () C:\Users\PC\AppData\Local\Apple Computer
2014-02-15 23:41 - 2014-02-15 23:41 - 00011814 _____ () C:\Windows\PFRO.log
2014-02-15 21:03 - 2013-04-07 11:43 - 00000000 ____D () C:\Users\PC\AppData\Local\CrashDumps
2014-02-15 19:18 - 2012-08-06 14:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-15 19:16 - 2011-11-27 12:31 - 00634780 _____ () C:\Windows\system32\perfh005.dat
2014-02-15 19:16 - 2011-11-27 12:31 - 00123338 _____ () C:\Windows\system32\perfc005.dat
2014-02-15 19:16 - 2009-07-14 06:13 - 01499320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-15 19:13 - 2013-12-29 13:13 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-02-15 18:59 - 2009-07-14 03:34 - 00000510 _____ () C:\Windows\win.ini
2014-02-12 18:17 - 2014-02-12 18:17 - 00000000 ____D () C:\Users\PC\AppData\Local\gegl-0.2
2014-02-12 18:16 - 2014-02-12 18:15 - 00000000 ____D () C:\Program Files\GIMP 2
2014-02-12 16:26 - 2013-03-25 12:32 - 00000278 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-02-06 13:16 - 2014-02-15 18:52 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-15 18:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-15 18:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-15 18:52 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-15 18:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-15 18:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-15 18:52 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-15 18:52 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-15 18:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-15 18:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-15 18:52 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-15 18:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-15 18:52 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-15 18:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-15 18:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-15 18:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-15 18:52 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-15 18:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-15 18:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-15 18:52 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-15 18:52 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-15 18:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-15 18:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-15 18:52 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-15 18:52 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-15 18:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-15 18:52 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-15 18:52 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-15 18:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-15 18:52 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-15 18:52 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-15 18:52 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-15 18:52 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-15 18:52 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-15 18:52 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-15 18:52 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-15 18:52 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-15 18:52 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-15 18:52 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-02 19:39 - 2014-02-02 19:38 - 00000000 ____D () C:\cbf59032eb44c00221c9ec96
2014-02-01 21:39 - 2014-02-01 21:39 - 00000000 ____D () C:\ProgramData\Nikon
2014-02-01 17:30 - 2014-02-01 17:30 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Nikon
2014-02-01 17:30 - 2014-02-01 17:30 - 00000000 ____D () C:\Users\PC\AppData\Local\Nikon
2014-02-01 17:30 - 2014-02-01 17:30 - 00000000 _____ () C:\Windows\ViewNX2.INI
2014-02-01 17:30 - 2014-02-01 17:12 - 00000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-02-01 17:24 - 2014-02-01 17:11 - 00000000 ____D () C:\Program Files (x86)\Nikon
2014-02-01 17:24 - 2011-10-18 08:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-01 17:12 - 2014-02-01 17:12 - 00001970 _____ () C:\Users\Public\Desktop\ViewNX 2.lnk
2014-02-01 17:12 - 2014-02-01 17:12 - 00000268 ___RH () C:\Users\PC\AppData\Roaming\Audio
2014-02-01 17:12 - 2014-02-01 17:12 - 00000268 ___RH () C:\Users\PC\AppData\Roaming\Applications
2014-02-01 17:12 - 2014-02-01 17:12 - 00000268 ___RH () C:\Users\PC\AppData\Roaming\Application Support
2014-02-01 17:12 - 2014-02-01 17:12 - 00000268 ___RH () C:\ProgramData\Automatic Filter
2014-02-01 17:12 - 2014-02-01 17:12 - 00000268 ___RH () C:\ProgramData\Authentication
2014-02-01 17:12 - 2014-02-01 17:12 - 00000268 ___RH () C:\ProgramData\Audio Units
2014-02-01 17:12 - 2014-02-01 17:12 - 00000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-02-01 17:12 - 2014-02-01 17:12 - 00000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-02-01 17:12 - 2014-02-01 17:12 - 00000000 ____D () C:\ProgramData\Ultima_T15
2014-02-01 17:12 - 2014-02-01 17:12 - 00000000 ____D () C:\ProgramData\LaserPrinter
2014-02-01 17:12 - 2014-02-01 17:12 - 00000000 ____D () C:\ProgramData\Jazz
2014-02-01 17:12 - 2014-02-01 17:12 - 00000000 ____D () C:\ProgramData\Importer
2014-02-01 17:12 - 2014-02-01 17:12 - 00000000 ____D () C:\ProgramData\EnterNHelp
2014-02-01 17:11 - 2014-02-01 17:12 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ATL71.DLL
2014-02-01 17:11 - 2014-02-01 17:11 - 00001849 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-02-01 17:11 - 2014-02-01 17:10 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-02-01 17:10 - 2014-02-01 17:10 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-01 17:08 - 2014-02-01 17:08 - 00000000 ____D () C:\ProgramData\Apple

Files to move or delete:
====================
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT


Some content of TEMP:
====================
C:\Users\PC\AppData\Local\Temp\BackupSetup.exe
C:\Users\PC\AppData\Local\Temp\ose00000.exe
C:\Users\PC\AppData\Local\Temp\uttD585.tmp.exe
C:\Users\PC\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\PC\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2143461387-1268236248-1946530696-1002Core.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2143461387-1268236248-1946530696-1002UA.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Norton 360 (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\PC\Desktop" je 413 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Přílohy
Addition.rar
(7.67 KiB) Staženo 22 x
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Policejní vir

#4 Příspěvek od vyosek »

:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
HKLM\...\Run: [AutoKMS] - C:\Windows\AutoKMS.exe [615936 2013-12-29] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [38112 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [msnohuSrv] - C:\Windows\inf\msnohu.vbe [1558 2013-08-27] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Microsoft Office 2007\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-03-17] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [619008 2010-05-25] (Nikon Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2143461387-1268236248-1946530696-1000\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\S-1-5-21-2143461387-1268236248-1946530696-1000\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\...\Run: [Google Update] - C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-06] (Google Inc.)
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-23] (Nero AG)
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\...\Run: [ConduitFloatingPlugin_cflheckfmhopnialghigdlggahiomebp] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\PC\AppData\Local\Temp\CT3289075\plugins\TBVerifier.dll",RunConduitFloatingPlugin cflheckfmhopnialghigdlggahiomebp <===== ATTENTION
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=119529 ... D819273874
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=119529 ... D819273874
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&affID=119529&babsrc=SP_ss&mntrId=AECC60D819273874

CHR HomePage: hxxp://www.delta-search.com/?affID=1195 ... D819273874
CHR DefaultSearchKeyword: delta-search.com
CHR DefaultSearchProvider: Delta Search
CHR DefaultSearchURL: http://www.delta-search.com/?q={searchTerms}&affID=119529&babsrc=SP_ss&mntrId=AECC60D819273874
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Users\PC\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\PC\AppData\Local\Google\Chrome\Application\33.0.1750.117\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
CHR Extension: (Delta Toolbar) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-03-25]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\PC\AppData\Roaming\BabSolution\CR\Delta.crx [2013-03-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]

S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-02-06] (Just Develop It)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-03] ()
DisableService: c2cautoupdatesvc
DisableService: c2cpnrsvc
DisableService: NMIndexingService

2014-02-24 15:50 - 2014-02-24 15:50 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher (1).exe
2014-02-24 15:40 - 2014-02-24 15:40 - 00112107 _____ (forum.viry.cz) C:\Users\PC\Desktop\Nepotvrzeno 469589.crdownload
2014-02-19 15:15 - 2014-02-19 18:47 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-02-19 15:15 - 2014-02-19 15:16 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
C:\Users\PC\AppData\Local\Temp\BackupSetup.exe
C:\Users\PC\AppData\Local\Temp\ose00000.exe
C:\Users\PC\AppData\Local\Temp\uttD585.tmp.exe
C:\Users\PC\AppData\Local\Temp\vcredist_x64.exe
C:\Windows\inf\msnohu.vbe
C:\Windows\AutoKMS.exe 
C:\Windows\inf\mskejxlwn
C:\Program Files (x86)\Tor
C:\Users\PC\AppData\Local\Temp\CT3289075
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\RegClean Pro
C:\Users\PC\AppData\Roaming\DIGITA~1

Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\PC\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2143461387-1268236248-1946530696-1002Core.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2143461387-1268236248-1946530696-1002UA.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Hosts:

End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Valigurska17
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 22 úno 2014 13:08

Re: Policejní vir

#5 Příspěvek od Valigurska17 »

Omlouvám se, ale nějak mi to nejde. :( Vytvoreny TXT jsem uložila jako fixlist.txt, ale nevím jak je myšleno, abych fixlist přesunula vedle FRST. Mám ho přesunout přímo do toho souboru?
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Policejní vir

#6 Příspěvek od vyosek »

Staci kdy fixlist.txt ulozite na stejne misto jako FRST, takze jej ulozte primo na plochu, jelikoz tam mate i FRST (Running from C:\Users\PC\Desktop)
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Valigurska17
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 22 úno 2014 13:08

Re: Policejní vir

#7 Příspěvek od Valigurska17 »

Nevím proč, ale píše mi to tu, že přípona txt není povolena.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Policejní vir

#8 Příspěvek od vyosek »

:arrow: Stahnete si fixlist odsud http://leteckaposta.cz/389985670 a ulozte na plochu

:arrow: Spustte FRST a kliknete na Fix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Valigurska17
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 22 úno 2014 13:08

Re: Policejní vir

#9 Příspěvek od Valigurska17 »

Prostě mi to nějak pořád nejde odeslat. Tak vám to sem překopíruju, jestli to nebude vadit.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-02-2014 01
Ran by PC at 2014-02-26 22:30:48 Run:3
Running from C:\Users\PC\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [AutoKMS] - C:\Windows\AutoKMS.exe [615936 2013-12-29] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [38112 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [msnohuSrv] - C:\Windows\inf\msnohu.vbe [1558 2013-08-27] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Microsoft Office 2007\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-03-17] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [619008 2010-05-25] (Nikon Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2143461387-1268236248-1946530696-1000\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\S-1-5-21-2143461387-1268236248-1946530696-1000\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\...\Run: [Google Update] - C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-06] (Google Inc.)
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-23] (Nero AG)
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\...\Run: [ConduitFloatingPlugin_cflheckfmhopnialghigdlggahiomebp] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\PC\AppData\Local\Temp\CT3289075\plugins\TBVerifier.dll",RunConduitFloatingPlugin cflheckfmhopnialghigdlggahiomebp <===== ATTENTION
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=119529 ... D819273874
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=119529 ... D819273874
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchT ... D819273874

CHR HomePage: hxxp://www.delta-search.com/?affID=1195 ... D819273874
CHR DefaultSearchKeyword: delta-search.com
CHR DefaultSearchProvider: Delta Search
CHR DefaultSearchURL: http://www.delta-search.com/?q={searchT ... D819273874
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Users\PC\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\PC\AppData\Local\Google\Chrome\Application\33.0.1750.117\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
CHR Extension: (Delta Toolbar) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-03-25]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\PC\AppData\Roaming\BabSolution\CR\Delta.crx [2013-03-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]

S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-02-06] (Just Develop It)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-03] ()
DisableService: c2cautoupdatesvc
DisableService: c2cpnrsvc
DisableService: NMIndexingService

2014-02-24 15:50 - 2014-02-24 15:50 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher (1).exe
2014-02-24 15:40 - 2014-02-24 15:40 - 00112107 _____ (forum.viry.cz) C:\Users\PC\Desktop\Nepotvrzeno 469589.crdownload
2014-02-19 15:15 - 2014-02-19 18:47 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-02-19 15:15 - 2014-02-19 15:16 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
C:\Users\PC\AppData\Local\Temp\BackupSetup.exe
C:\Users\PC\AppData\Local\Temp\ose00000.exe
C:\Users\PC\AppData\Local\Temp\uttD585.tmp.exe
C:\Users\PC\AppData\Local\Temp\vcredist_x64.exe
C:\Windows\inf\msnohu.vbe
C:\Windows\AutoKMS.exe
C:\Windows\inf\mskejxlwn
C:\Program Files (x86)\Tor
C:\Users\PC\AppData\Local\Temp\CT3289075
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\RegClean Pro
C:\Users\PC\AppData\Roaming\DIGITA~1

Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\PC\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2143461387-1268236248-1946530696-1002Core.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2143461387-1268236248-1946530696-1002UA.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Hosts:

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AutoKMS => Unable to delete value
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Unable to delete value
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Unable to delete value
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\msnohuSrv => Unable to delete value
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Unable to delete value
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Unable to delete value
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Nikon Message Center 2 => Unable to delete value
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => Unable to delete value
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => Unable to delete value
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => Unable to delete value
HKU\S-1-5-21-2143461387-1268236248-1946530696-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Unable to delete value
HKU\S-1-5-21-2143461387-1268236248-1946530696-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => Unable to delete value
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Unable to delete value
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => Unable to delete value
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Unable to delete value
HKU\S-1-5-21-2143461387-1268236248-1946530696-1002\Software\Microsoft\Windows\CurrentVersion\Run\\ConduitFloatingPlugin_cflheckfmhopnialghigdlggahiomebp => Unable to delete value
"c:\\progra~3\\bitguard\\271769~1.27\\{c16c1~1\\loader.dll" => Value Data not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page => Unable to delete value
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Unable to delete value
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => Unable to delete value
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
CHR HomePage: hxxp://www.delta-search.com/?affID=1195 ... D819273874 ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchKeyword: delta-search.com ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchProvider: Delta Search ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: http://www.delta-search.com/?q={searchT ... D819273874 ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\PC\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll not found.
C:\Users\PC\AppData\Local\Google\Chrome\Application\33.0.1750.117\gcswf32.dll not found.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll not found.
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde => Key not found.
"C:\Users\PC\AppData\Roaming\BabSolution\CR\Delta.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key not found.
"C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx" => File/Directory not found.
BackupStack => Service not found.
tor => Service not found.
c2cautoupdatesvc service was disabled
c2cpnrsvc service was disabled
NMIndexingService service was disabled
"C:\Users\PC\Desktop\FRSTLauncher (1).exe" => File/Directory not found.
"C:\Users\PC\Desktop\Nepotvrzeno 469589.crdownload" => File/Directory not found.
"C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup" => File/Directory not found.
"C:\Program Files (x86)\MyPC Backup" => File/Directory not found.
"C:\ProgramData\PKP_DLes.DAT" => File/Directory not found.
"C:\ProgramData\PKP_DLet.DAT" => File/Directory not found.
"C:\ProgramData\PKP_DLev.DAT" => File/Directory not found.
"C:\Users\PC\AppData\Local\Temp\BackupSetup.exe" => File/Directory not found.
"C:\Users\PC\AppData\Local\Temp\ose00000.exe" => File/Directory not found.
"C:\Users\PC\AppData\Local\Temp\uttD585.tmp.exe" => File/Directory not found.
"C:\Users\PC\AppData\Local\Temp\vcredist_x64.exe" => File/Directory not found.
"C:\Windows\inf\msnohu.vbe" => File/Directory not found.
"C:\Windows\AutoKMS.exe" => File/Directory not found.
"C:\Windows\inf\mskejxlwn" => File/Directory not found.
"C:\Program Files (x86)\Tor" => File/Directory not found.
"C:\Users\PC\AppData\Local\Temp\CT3289075" => File/Directory not found.
"C:\Program Files (x86)\MyPC Backup" => File/Directory not found.
"C:\Program Files (x86)\RegClean Pro" => File/Directory not found.
"C:\Users\PC\AppData\Roaming\DIGITA~1" => File/Directory not found.
C:\Windows\Tasks\Digital Sites.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2143461387-1268236248-1946530696-1002Core.job not found.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2143461387-1268236248-1946530696-1002UA.job not found.
C:\Windows\Tasks\RegClean Pro_DEFAULT.job not found.
C:\Windows\Tasks\RegClean Pro_UPDATES.job not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Policejní vir

#10 Příspěvek od vyosek »

Tak jeste uklidime :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel èistiè
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“