Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-04-2014 01
Ran by Home_PC (administrator) on GAME-PC on 16-04-2014 18:49:29
Running from C:\Users\Home_PC\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\WINDOWS\SYSTEM32\NVVSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\PROGRAM FILES\MICROSOFT SECURITY CLIENT\MSMPENG.EXE
(NVIDIA Corporation) C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVXDSYNC.EXE
(NVIDIA Corporation) C:\WINDOWS\SYSTEM32\NVVSVC.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe
(Intel Corporation) C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Malwarebytes Corporation) C:\PROGRAM FILES (X86)\MALWAREBYTES' ANTI-MALWARE\MBAMSCHEDULER.EXE
(Malwarebytes Corporation) C:\PROGRAM FILES (X86)\MALWAREBYTES' ANTI-MALWARE\MBAMSERVICE.EXE
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\PROGRAM FILES\NVIDIA CORPORATION\NVSTREAMSRV\NVSTREAMSVC.EXE
() C:\WINDOWS\SYSWOW64\PNKBSTRA.EXE
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Microsoft Corporation) C:\PROGRAM FILES\MICROSOFT SECURITY CLIENT\NISSRV.EXE
(Malwarebytes Corporation) C:\PROGRAM FILES (X86)\MALWAREBYTES' ANTI-MALWARE\MBAMGUI.EXE
(Microsoft Corporation) C:\PROGRAM FILES\MICROSOFT SECURITY CLIENT\MSSECES.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(NVIDIA Corporation) C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\UPDATE CORE\NVBACKEND.EXE
(CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\X64\3\CNACBSWK.EXE
(Crawler.com) C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE
(NVIDIA Corporation) C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVTRAY.EXE
(Renesas Electronics Corporation) C:\PROGRAM FILES (X86)\RENESAS ELECTRONICS\USB 3.0 HOST CONTROLLER DRIVER\APPLICATION\NUSB3MON.EXE
() C:\USERS\HOME_PC\APPDATA\ROAMING\SEZNAM.CZ\BIN\SZNDESKTOP.EXE
() C:\USERS\HOME_PC\APPDATA\ROAMING\SEZNAM.CZ\BIN\LISTICKA-X64.EXE
(Intel(R) Corporation) C:\PROGRAM FILES (X86)\INTEL\INTEL DESKTOP UTILITIES\IPTRAY.EXE
(Apple Inc.) C:\PROGRAM FILES (X86)\ITUNES\ITUNESHELPER.EXE
(Oracle Corporation) C:\PROGRAM FILES (X86)\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE
(Apple Inc.) C:\PROGRAM FILES\IPOD\BIN\IPODSERVICE.EXE
(Microsoft Corporation) C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IELOWUTIL.EXE
(Oracle Corporation) C:\PROGRAM FILES (X86)\JAVA\JRE7\BIN\JAVAW.EXE
(Crawler.com) C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORUPDATE.EXE
(Mozilla Corporation) C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE
(Adobe Systems, Inc.) C:\WINDOWS\SYSWOW64\MACROMED\FLASH\FLASHPLAYERPLUGIN_12_0_0_77.EXE
(Adobe Systems, Inc.) C:\WINDOWS\SYSWOW64\MACROMED\FLASH\FLASHPLAYERPLUGIN_12_0_0_77.EXE
() C:\Users\Home_PC\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-10-22] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-10-22] (Crawler.com)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [ipTray.exe] => C:\Program Files (x86)\Intel\Intel Desktop Utilities\ipTray.exe [1632456 2011-11-10] (Intel(R) Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1061960 2013-03-21] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [4StoryPrePatch] => D:\__save league of legends\4Story_CZ\PrePatch.exe [327680 2013-02-19] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM-x32\...\Run: [mncnpeogsSrv] => C:\Windows\SysWOW64\mncnpeogs.vbe [7670 2014-03-05] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Home_PC\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Home_PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [uTorrent] => C:\Users\Home_PC\AppData\Roaming\uTorrent\uTorrent.exe [905296 2014-02-11] (BitTorrent Inc.)
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
Startup: C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe ()
==================== Internet (Whitelisted) ====================
ProxyServer: http=http://127.0.0.1:9880
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60747
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60747
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60747
URLSearchHook: HKLM-x32 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.info/ ... Z&unqvl=51
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.info/ ... Z&unqvl=51
SearchScopes: HKCU - DefaultScope {C4C021AF-09F8-4137-9A09-E312E05CA109} URL = http://start.funmoods.com/results.php?f ... earchTerms}
SearchScopes: HKCU - {0B76631B-65DE-4001-8522-FD0BFD98CEB6} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = http://www.crawler.com/search/dispatche ... tbid=60747
SearchScopes: HKCU - {245388E3-CBA9-42EF-8189-C4EAC4A8E535} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {4D76A73F-6822-43D9-B461-A10E3BF8587B} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
SearchScopes: HKCU - {57311830-C3D9-4AC7-931A-3AAB685B4874} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKCU - {7D7B63EA-BCE9-4931-A81C-812117D69BE4} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {863F9688-4707-4F28-8F4F-A4AA12BF8EB5} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKCU - {88249AB9-9129-4AD5-93AC-7F8B889E2B9F} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {A50C14E4-BD4E-4AC0-AC21-459D3D0D6222} URL = http://websearch.ask.com/redirect?clien ... 0A210471F2
SearchScopes: HKCU - {C4C021AF-09F8-4137-9A09-E312E05CA109} URL = http://start.funmoods.com/results.php?f ... earchTerms}
SearchScopes: HKCU - {C777CC1F-C2AE-4987-99B9-F11A30F764DA} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12454
SearchScopes: HKCU - {D161C07C-0991-4F4E-BD98-E749442BBF1E} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKCU - {E3C9BE4C-D394-4BC1-910C-92580DB819D1} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
BHO: YoutubeAdblocker - {590EA535-D940-857E-6D2D-AC70F9356C7B} - C:\Program Files (x86)\YoutubeAdblocker\HaVBV5o3m.x64.dll No File
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: SNT - {946BD3D7-66E0-0A45-DC74-79E709772A55} - C:\Program Files (x86)\SNT\K.x64.dll No File
BHO: saffewueb - {B5281AFA-C76B-F551-C4CA-EB935AE35B09} - C:\Program Files (x86)\saffewueb\vRmzuqa.x64.dll ()
BHO: SNT - {D684A81A-6E24-8900-1CA6-232072D453D4} - C:\Program Files (x86)\SNT\ioGJHnZI.x64.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: safeoweb - {EEF39F3D-F1E4-2C1B-E7EB-4781F792EDCE} - C:\Program Files (x86)\safeoweb\0.x64.dll ()
BHO: YoutubeAdblocker - {F2E5E92E-B82E-529F-DDB1-CD8193EFB6A2} - C:\Program Files (x86)\YoutubeAdblocker\v2TxCafbA.x64.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF Homepage: hxxp://websearch.amaizingsearches.info/?pid=924&r=2014/03/29&hid=16995116873413962697&lg=EN&cc=CZ&unqvl=51
FF Keyword.URL: hxxp://websearch.amaizingsearches.info/?pid=924&r=2014/03/29&hid=16995116873413962697&lg=EN&cc=CZ&unqvl=51&l=1&q=
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin - C:\Program Files\Java\jre6\bin\npDeployJava1.dll No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF SearchPlugin: C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Adblock Plus - C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-31]
FF Extension: No Name - C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2012-08-21]
FF Extension: No Name - C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2013-07-25]
FF Extension: BitAccelerator - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f} [2014-02-19]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-03]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (YoutubeAdblocker) - C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\eokbdddiieiefmodhninbnkilbeeacaj [2014-03-29]
CHR Extension: (SNT) - C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gglbfdpdbkaapilmhggbajdfipdokfbm [2014-03-29]
CHR Extension: (safeoweb) - C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\goodphkbbeanpbanjifchdleolkdaanc [2014-03-29]
CHR Extension: (Enhancements for Gmail) - C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgdnblnolcinnndenjnollpiplgkbjcn [2014-03-26]
CHR Extension: (SNT) - C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\negaakjdoglkcnajdjdbhbdjafmfhgfh [2014-03-26]
CHR Extension: (YoutubeAdblocker) - C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngfdkijcifejgoebdonbkilhfkggflih [2014-03-26]
CHR Extension: (saffewueb) - C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkpeaolmnicleiolakknlmgbaklicjne [2014-03-26]
CHR HKLM-x32\...\Chrome\Extension: [naipdapbimiiikbbgjcpbgmfhnlbagpj] - C:\Users\Home_PC\AppData\Local\Temp\naipdapbimiiikbbgjcpbgmfhnlbagpj.crx [2014-03-26]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [484592 2013-09-27] (BitRaider, LLC)
R2 IduService; C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe [124616 2011-11-10] (Intel(R) Corporation)
R2 Intel(R) Desktop Boards FSC Application Service; C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe [61440 2011-11-10] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-17] ()
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-10-22] (Crawler.com)
==================== Drivers (Whitelisted) ====================
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-09-27] (BitRaider)
R3 cpuio; C:\Windows\SysWOW64\Drivers\cpuiox64.sys [15384 2012-02-29] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-13] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R1 SbFw; C:\Windows\System32\drivers\SbFw.sys [253528 2011-04-05] (Sunbelt Software, Inc.)
S3 SBFWIMCL; C:\Windows\System32\DRIVERS\sbfwim.sys [84568 2011-02-08] (Sunbelt Software, Inc.)
R3 SBFWIMCLMP; C:\Windows\System32\DRIVERS\SBFWIM.sys [84568 2011-02-08] (Sunbelt Software, Inc.)
S3 sbhips; C:\Windows\System32\drivers\sbhips.sys [60504 2011-04-05] (Sunbelt Software, Inc.)
R1 SbTis; C:\Windows\System32\drivers\sbtis.sys [94296 2011-04-05] (Sunbelt Software, Inc.)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [867064 2012-11-14] (Duplex Secure Ltd.)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-03-22] (Windows (R) Win 7 DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-16 18:49 - 2014-04-16 18:50 - 00021276 _____ () C:\Users\Home_PC\Desktop\FRST.txt
2014-04-16 18:49 - 2014-04-16 18:49 - 00000000 ____D () C:\Users\Home_PC\Desktop\FRST-OlderVersion
2014-04-14 21:16 - 2014-04-14 21:19 - 00000000 ____D () C:\Users\Home_PC\Desktop\Nová složka
2014-04-13 20:57 - 2014-04-13 22:06 - 00000000 ____D () C:\Users\Home_PC\Desktop\kompr
2014-04-11 05:03 - 2014-04-11 05:03 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Oblivion
2014-04-10 21:55 - 2014-04-10 21:55 - 00003270 _____ () C:\Windows\System32\Tasks\{A11AF5EB-35B5-46C3-AE63-E616A407A4C3}
2014-04-09 06:44 - 2014-04-16 06:49 - 00000003 _____ () C:\Users\All\stut
2014-04-09 06:43 - 2014-04-09 06:44 - 00000074 _____ () C:\Users\All\output.txt
2014-04-09 06:42 - 2014-04-09 06:42 - 00000386 _____ () C:\Users\All\rgut
2014-04-08 21:48 - 2014-04-15 06:01 - 00000003 _____ () C:\Users\Home_PC\stut
2014-04-08 21:46 - 2014-04-09 16:50 - 00000330 _____ () C:\Users\Home_PC\rgut
2014-04-08 07:40 - 2014-04-08 07:40 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\rmi
2014-04-08 06:48 - 2014-04-08 06:48 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2014-04-08 06:48 - 2014-03-05 22:19 - 00007670 ____S () C:\Windows\SysWOW64\mncnpeogs.vbe
2014-04-08 06:48 - 2013-12-10 00:30 - 10236928 ____S () C:\Windows\SysWOW64\acumncnpeogs.exe
2014-04-08 06:48 - 2013-10-26 20:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-04-08 06:48 - 2013-10-26 20:30 - 00538126 ____S () C:\Windows\SysWOW64\libcurl-4.dll
2014-04-08 06:48 - 2013-10-26 20:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-04-08 06:48 - 2013-10-26 20:30 - 00192512 ____S () C:\Windows\SysWOW64\libidn-11.dll
2014-04-08 06:48 - 2013-10-26 20:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\SysWOW64\libssh2.dll
2014-04-08 06:48 - 2013-10-26 20:30 - 00133632 ____S () C:\Windows\SysWOW64\librtmp.dll
2014-04-08 06:48 - 2013-10-26 20:30 - 00044727 ____S () C:\Windows\SysWOW64\diablo130302.cl
2014-04-08 06:48 - 2013-10-26 20:30 - 00043810 ____S () C:\Windows\SysWOW64\poclbm130302.cl
2014-04-08 06:48 - 2013-10-26 20:30 - 00030802 ____S () C:\Windows\SysWOW64\diakgcn121016.cl
2014-04-08 06:48 - 2013-10-26 20:30 - 00023825 ____S () C:\Windows\SysWOW64\scrypt130511.cl
2014-04-08 06:48 - 2013-10-26 20:30 - 00013062 ____S () C:\Windows\SysWOW64\phatk121016.cl
2014-04-08 06:48 - 2013-06-12 15:15 - 00119888 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadGC2.dll
2014-04-08 06:48 - 2013-06-12 15:15 - 00100864 ____S () C:\Windows\SysWOW64\zlib1.dll
2014-04-08 06:48 - 2012-09-25 23:46 - 00472424 ____S (NVIDIA Corporation) C:\Windows\SysWOW64\cudart32_50_35.dll
2014-04-08 06:48 - 2012-05-27 01:36 - 00055808 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadVC2.dll
2014-04-07 15:27 - 2014-04-03 04:01 - 30945280 _____ () C:\Users\All\Desktop\eso.exe
2014-04-06 13:55 - 2014-04-06 13:55 - 00000000 ____D () C:\Users\All\Documents\Elder Scrolls Online
2014-04-05 19:12 - 2014-04-05 19:12 - 00000000 ____D () C:\Users\Home_PC\Documents\Elder Scrolls Online
2014-04-05 19:12 - 2014-04-05 19:12 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-04-05 13:56 - 2014-04-05 13:56 - 00001010 _____ () C:\Users\Home_PC\Desktop\The Elder Scrolls Online.lnk
2014-04-05 13:55 - 2014-04-05 13:56 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online
2014-04-05 13:55 - 2014-04-05 13:55 - 00000000 ____D () C:\Windows\jre
2014-04-02 18:19 - 2014-04-02 18:19 - 00000020 _____ () C:\Windows\đőż
2014-04-01 19:53 - 2014-04-01 19:53 - 00000944 _____ () C:\Users\Home_PC\Desktop\Open Broadcaster Software.lnk
2014-04-01 19:53 - 2014-04-01 19:53 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-03-29 13:07 - 2014-03-30 18:27 - 00000000 ____D () C:\Program Files (x86)\SNT
2014-03-29 13:06 - 2014-03-30 18:27 - 00000000 ____D () C:\Program Files (x86)\safeoweb
2014-03-26 23:36 - 2014-04-16 18:34 - 00000448 ____H () C:\Windows\Tasks\SW.Booster-S-1935984173.job
2014-03-26 23:36 - 2014-03-29 13:07 - 00002694 _____ () C:\Windows\System32\Tasks\SW.Booster-S-1935984173
2014-03-26 23:35 - 2014-03-27 07:09 - 00000000 ____D () C:\Program Files (x86)\saffewueb
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Torch
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Packages
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Comodo
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Guest
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Torch
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Google
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Comodo
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\ASPNET
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\All\AppData\Local\Torch
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\All\AppData\Local\Comodo
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Administrator
2014-03-25 20:59 - 2014-03-25 21:11 - 178943284 _____ () C:\Users\Home_PC\Desktop\Stephen King EN+CZ ebook collection [scifi horror drama knihy 77cz 65en doc pdf mobi pdb epub temna vez pod kupoli carrie etc].rar
2014-03-25 19:00 - 2014-03-25 22:30 - 00011573 _____ () C:\Users\Home_PC\Desktop\Porto_Praha_účet.xlsx
2014-03-24 18:35 - 2014-03-24 18:35 - 01081272 _____ (Overwolf) C:\Users\All\Downloads\WoTSocialHubInstallerEU.exe
2014-03-24 18:35 - 2014-03-24 18:35 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Overwolf
2014-03-24 18:17 - 2014-03-24 18:17 - 00000581 _____ () C:\Users\Public\Desktop\Fraps.lnk
2014-03-22 23:05 - 2014-04-14 16:11 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-03-22 23:05 - 2014-03-22 23:05 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-03-22 23:05 - 2014-03-22 23:05 - 00001047 _____ () C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2014-03-22 23:05 - 2014-03-22 23:05 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Spyware Terminator
2014-03-22 23:03 - 2014-03-22 23:06 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-03-22 23:02 - 2014-03-22 23:02 - 00937208 _____ (Crawler.com ) C:\Users\Home_PC\Downloads\SpywareTerminatorSetup.exe
2014-03-22 10:18 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-22 10:18 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-22 10:06 - 2014-03-22 10:06 - 00025863 _____ () C:\ComboFix.txt
2014-03-21 21:48 - 2014-03-21 21:47 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-21 21:47 - 2014-03-21 21:47 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-21 21:47 - 2014-03-21 21:47 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-21 21:47 - 2014-03-21 21:47 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-21 21:47 - 2014-03-21 21:47 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-21 21:46 - 2014-03-21 21:46 - 00921000 _____ (Oracle Corporation) C:\Users\Home_PC\Downloads\jxpiinstall.exe
2014-03-20 21:56 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-20 21:56 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-20 21:56 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-20 21:56 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-20 21:56 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-20 21:56 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-20 21:56 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-20 21:56 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-20 21:55 - 2014-03-22 10:06 - 00000000 ____D () C:\Qoobox
2014-03-20 21:55 - 2014-03-22 10:02 - 00000000 ____D () C:\Windows\erdnt
2014-03-20 21:50 - 2014-03-20 21:50 - 05190052 ____R (Swearware) C:\Users\Home_PC\Desktop\ComboFix.exe
2014-03-20 20:43 - 2014-04-16 18:49 - 00000000 ____D () C:\FRST
2014-03-20 20:41 - 2014-04-16 18:49 - 02158080 _____ (Farbar) C:\Users\Home_PC\Desktop\FRST64.exe
2014-03-20 19:40 - 2014-03-20 19:40 - 00000000 ____D () C:\rsit
2014-03-20 19:40 - 2014-03-20 19:40 - 00000000 ____D () C:\Program Files\trend micro
2014-03-20 13:45 - 2014-04-16 18:47 - 00000000 ____D () C:\Users\Home_PC\Desktop\antiviry
2014-03-20 06:14 - 2014-03-20 06:14 - 00001156 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-20 06:14 - 2014-03-20 06:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-19 22:49 - 2014-03-20 19:26 - 00000000 ____D () C:\AdwCleaner
2014-03-19 22:48 - 2014-03-19 22:48 - 01037278 _____ () C:\Users\Home_PC\Downloads\adwcleaner(1).exe
2014-03-17 22:04 - 2014-04-16 16:13 - 00290776 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-03-17 22:04 - 2014-03-17 22:04 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
==================== One Month Modified Files and Folders =======
2014-04-16 18:50 - 2014-04-16 18:49 - 00021276 _____ () C:\Users\Home_PC\Desktop\FRST.txt
2014-04-16 18:49 - 2014-04-16 18:49 - 00000000 ____D () C:\Users\Home_PC\Desktop\FRST-OlderVersion
2014-04-16 18:49 - 2014-03-20 20:43 - 00000000 ____D () C:\FRST
2014-04-16 18:49 - 2014-03-20 20:41 - 02158080 _____ (Farbar) C:\Users\Home_PC\Desktop\FRST64.exe
2014-04-16 18:47 - 2014-03-20 13:45 - 00000000 ____D () C:\Users\Home_PC\Desktop\antiviry
2014-04-16 18:37 - 2011-04-12 10:34 - 00689920 _____ () C:\Windows\system32\perfh005.dat
2014-04-16 18:37 - 2011-04-12 10:34 - 00150656 _____ () C:\Windows\system32\perfc005.dat
2014-04-16 18:37 - 2009-07-14 07:13 - 01637298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-16 18:35 - 2012-02-29 00:08 - 01185607 _____ () C:\Windows\WindowsUpdate.log
2014-04-16 18:34 - 2014-03-26 23:36 - 00000448 ____H () C:\Windows\Tasks\SW.Booster-S-1935984173.job
2014-04-16 18:18 - 2013-05-27 06:59 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-16 17:28 - 2013-05-08 18:48 - 00000000 ____D () C:\Users\All\AppData\Roaming\.minecraft
2014-04-16 17:03 - 2012-06-30 18:56 - 00000000 ____D () C:\Users\All\AppData\Roaming\Skype
2014-04-16 16:13 - 2014-03-17 22:04 - 00290776 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-04-16 16:13 - 2012-08-28 08:24 - 00290776 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-04-16 16:10 - 2012-08-28 08:24 - 00281288 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-16 08:45 - 2012-02-28 23:17 - 00003974 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{688A73AE-B742-4599-AB00-4D8F743FCC7C}
2014-04-16 06:52 - 2013-05-04 15:12 - 00000000 ____D () C:\Users\All\AppData\Roaming\Seznam.cz
2014-04-16 06:49 - 2014-04-09 06:44 - 00000003 _____ () C:\Users\All\stut
2014-04-16 05:34 - 2012-09-22 07:03 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\uTorrent
2014-04-15 22:01 - 2013-08-15 08:59 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Awesomium
2014-04-15 15:33 - 2013-08-15 08:22 - 00339923 _____ () C:\Windows\DirectX.log
2014-04-15 06:03 - 2013-05-04 14:12 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Seznam.cz
2014-04-15 06:01 - 2014-04-08 21:48 - 00000003 _____ () C:\Users\Home_PC\stut
2014-04-15 05:58 - 2012-06-30 18:24 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Skype
2014-04-15 05:56 - 2009-07-14 06:45 - 00024720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-15 05:56 - 2009-07-14 06:45 - 00024720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-15 05:49 - 2013-07-27 06:57 - 00038207 _____ () C:\Windows\setupact.log
2014-04-15 05:48 - 2012-02-29 01:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-15 05:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-14 21:19 - 2014-04-14 21:16 - 00000000 ____D () C:\Users\Home_PC\Desktop\Nová složka
2014-04-14 16:11 - 2014-03-22 23:05 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-04-13 22:06 - 2014-04-13 20:57 - 00000000 ____D () C:\Users\Home_PC\Desktop\kompr
2014-04-13 18:33 - 2012-12-24 13:38 - 00000000 ____D () C:\Users\Home_PC\Desktop\kapr
2014-04-13 09:53 - 2013-08-15 09:04 - 00000000 ____D () C:\Users\All\AppData\Roaming\Awesomium
2014-04-12 12:07 - 2013-08-22 04:57 - 00249618 _____ () C:\Windows\PFRO.log
2014-04-11 05:44 - 2012-03-10 19:40 - 00000000 ____D () C:\Users\Home_PC\Documents\My Games
2014-04-11 05:03 - 2014-04-11 05:03 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Oblivion
2014-04-10 22:00 - 2013-09-28 06:23 - 00000000 ____D () C:\Program Files\GridinSoft Trojan Killer
2014-04-10 21:57 - 2012-03-11 11:10 - 00000000 ____D () C:\Users\All\Documents\My Games
2014-04-10 21:55 - 2014-04-10 21:55 - 00003270 _____ () C:\Windows\System32\Tasks\{A11AF5EB-35B5-46C3-AE63-E616A407A4C3}
2014-04-10 21:25 - 2012-03-12 08:13 - 00000000 ____D () C:\Users\All\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-04-10 21:24 - 2012-03-16 20:00 - 00000000 ____D () C:\Users\All\Desktop\Štěpán
2014-04-10 17:54 - 2012-02-29 00:08 - 00000000 ____D () C:\Users\Home_PC
2014-04-10 14:14 - 2013-10-21 16:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-09 16:50 - 2014-04-08 21:46 - 00000330 _____ () C:\Users\Home_PC\rgut
2014-04-09 06:44 - 2014-04-09 06:43 - 00000074 _____ () C:\Users\All\output.txt
2014-04-09 06:44 - 2012-03-10 18:56 - 00000000 ____D () C:\Users\All
2014-04-09 06:42 - 2014-04-09 06:42 - 00000386 _____ () C:\Users\All\rgut
2014-04-08 07:40 - 2014-04-08 07:40 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\rmi
2014-04-08 07:02 - 2013-07-04 06:58 - 00000000 ____D () C:\Users\All\AppData\Local\Game Dev Tycoon
2014-04-08 06:48 - 2014-04-08 06:48 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2014-04-06 13:55 - 2014-04-06 13:55 - 00000000 ____D () C:\Users\All\Documents\Elder Scrolls Online
2014-04-05 19:12 - 2014-04-05 19:12 - 00000000 ____D () C:\Users\Home_PC\Documents\Elder Scrolls Online
2014-04-05 19:12 - 2014-04-05 19:12 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-04-05 13:56 - 2014-04-05 13:56 - 00001010 _____ () C:\Users\Home_PC\Desktop\The Elder Scrolls Online.lnk
2014-04-05 13:56 - 2014-04-05 13:55 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online
2014-04-05 13:55 - 2014-04-05 13:55 - 00000000 ____D () C:\Windows\jre
2014-04-03 16:44 - 2013-07-04 06:46 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Game Dev Tycoon
2014-04-03 04:01 - 2014-04-07 15:27 - 30945280 _____ () C:\Users\All\Desktop\eso.exe
2014-04-02 20:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-02 20:48 - 2013-02-01 08:52 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Windows Live
2014-04-02 20:03 - 2012-08-27 09:36 - 00000000 ____D () C:\Users\All\AppData\Roaming\TS3Client
2014-04-02 19:11 - 2012-06-04 15:44 - 00000000 ____D () C:\Games
2014-04-02 18:19 - 2014-04-02 18:19 - 00000020 _____ () C:\Windows\đőż
2014-04-02 16:23 - 2013-12-17 22:50 - 00000000 ____D () C:\Users\All\Downloads\lol
2014-04-01 19:53 - 2014-04-01 19:53 - 00000944 _____ () C:\Users\Home_PC\Desktop\Open Broadcaster Software.lnk
2014-04-01 19:53 - 2014-04-01 19:53 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-04-01 19:53 - 2013-09-30 13:34 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-03-30 18:27 - 2014-03-29 13:07 - 00000000 ____D () C:\Program Files (x86)\SNT
2014-03-30 18:27 - 2014-03-29 13:06 - 00000000 ____D () C:\Program Files (x86)\safeoweb
2014-03-29 13:07 - 2014-03-26 23:36 - 00002694 _____ () C:\Windows\System32\Tasks\SW.Booster-S-1935984173
2014-03-27 07:09 - 2014-03-26 23:35 - 00000000 ____D () C:\Program Files (x86)\saffewueb
2014-03-26 23:50 - 2012-08-27 12:58 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Apps\2.0
2014-03-26 23:36 - 2012-03-12 00:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Torch
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Packages
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Comodo
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Guest
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Torch
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Google
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Comodo
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\ASPNET
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\All\AppData\Local\Torch
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\All\AppData\Local\Comodo
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-03-26 23:35 - 2014-03-26 23:35 - 00000000 ____D () C:\Users\Administrator
2014-03-26 23:35 - 2012-04-06 14:29 - 00000000 ____D () C:\Users\All\AppData\Local\Google
2014-03-26 23:35 - 2012-04-06 14:03 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Google
2014-03-26 23:01 - 2012-03-12 00:06 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-03-26 21:01 - 2013-10-08 20:02 - 05292054 _____ () C:\Users\All\Desktop\Nový rastrový obrázek (5).bmp
2014-03-25 22:30 - 2014-03-25 19:00 - 00011573 _____ () C:\Users\Home_PC\Desktop\Porto_Praha_účet.xlsx
2014-03-25 21:11 - 2014-03-25 20:59 - 178943284 _____ () C:\Users\Home_PC\Desktop\Stephen King EN+CZ ebook collection [scifi horror drama knihy 77cz 65en doc pdf mobi pdb epub temna vez pod kupoli carrie etc].rar
2014-03-24 18:35 - 2014-03-24 18:35 - 01081272 _____ (Overwolf) C:\Users\All\Downloads\WoTSocialHubInstallerEU.exe
2014-03-24 18:35 - 2014-03-24 18:35 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Overwolf
2014-03-24 18:32 - 2012-12-05 16:35 - 00000000 ____D () C:\Fraps
2014-03-24 18:17 - 2014-03-24 18:17 - 00000581 _____ () C:\Users\Public\Desktop\Fraps.lnk
2014-03-22 23:06 - 2014-03-22 23:03 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-03-22 23:05 - 2014-03-22 23:05 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-03-22 23:05 - 2014-03-22 23:05 - 00001047 _____ () C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2014-03-22 23:05 - 2014-03-22 23:05 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Spyware Terminator
2014-03-22 23:05 - 2014-02-19 18:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-22 23:02 - 2014-03-22 23:02 - 00937208 _____ (Crawler.com ) C:\Users\Home_PC\Downloads\SpywareTerminatorSetup.exe
2014-03-22 13:35 - 2012-05-28 05:50 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-22 13:35 - 2012-05-28 05:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-22 10:06 - 2014-03-22 10:06 - 00025863 _____ () C:\ComboFix.txt
2014-03-22 10:06 - 2014-03-20 21:55 - 00000000 ____D () C:\Qoobox
2014-03-22 10:05 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-22 10:03 - 2009-07-14 04:34 - 71589888 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-03-22 10:03 - 2009-07-14 04:34 - 22544384 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-03-22 10:03 - 2009-07-14 04:34 - 00786432 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-03-22 10:03 - 2009-07-14 04:34 - 00065536 _____ () C:\Windows\system32\config\SAM.bak
2014-03-22 10:03 - 2009-07-14 04:34 - 00032768 _____ () C:\Windows\system32\config\SECURITY.bak
2014-03-22 10:02 - 2014-03-20 21:55 - 00000000 ____D () C:\Windows\erdnt
2014-03-21 21:47 - 2014-03-21 21:48 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-21 21:47 - 2014-03-21 21:47 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-21 21:47 - 2014-03-21 21:47 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-21 21:47 - 2014-03-21 21:47 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-21 21:47 - 2014-03-21 21:47 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-21 21:46 - 2014-03-21 21:46 - 00921000 _____ (Oracle Corporation) C:\Users\Home_PC\Downloads\jxpiinstall.exe
2014-03-20 21:50 - 2014-03-20 21:50 - 05190052 ____R (Swearware) C:\Users\Home_PC\Desktop\ComboFix.exe
2014-03-20 20:05 - 2012-05-04 14:14 - 00000000 ____D () C:\Windows\Minidump
2014-03-20 19:40 - 2014-03-20 19:40 - 00000000 ____D () C:\rsit
2014-03-20 19:40 - 2014-03-20 19:40 - 00000000 ____D () C:\Program Files\trend micro
2014-03-20 19:26 - 2014-03-19 22:49 - 00000000 ____D () C:\AdwCleaner
2014-03-20 06:14 - 2014-03-20 06:14 - 00001156 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-20 06:14 - 2014-03-20 06:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-19 22:48 - 2014-03-19 22:48 - 01037278 _____ () C:\Users\Home_PC\Downloads\adwcleaner(1).exe
2014-03-18 06:41 - 2009-07-14 07:08 - 00032556 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-17 22:04 - 2014-03-17 22:04 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-03-17 14:07 - 2013-01-26 10:54 - 00000000 ____D () C:\Users\Home_PC\Documents\Settlers7
2014-03-17 06:32 - 2013-05-27 06:59 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-17 06:32 - 2013-04-09 16:51 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-17 06:32 - 2013-04-09 16:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-17 06:32 - 2012-02-28 23:57 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Adobe
Some content of TEMP:
====================
C:\Users\Home_PC\AppData\Local\Temp\AutoRun.exe
C:\Users\Home_PC\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Home_PC\AppData\Local\Temp\EAInstall.dll
C:\Users\Home_PC\AppData\Local\Temp\GameuxInstallHelper.dll
C:\Users\Home_PC\AppData\Local\Temp\Harry Potter and the Order of the Phoenix_uninst.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (System W7) (Fixed) (Total:83.75 GB) (Free:9.71 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:3.95 GB) NTFS
Drive m: () (Fixed) (Total:931.5 GB) (Free:9.2 GB) NTFS
Available physical RAM: 5859.71 MB
Total physical RAM: 8169.33 MB
Percentage of memory in use: 28%
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SW.Booster-S-1935984173.job => c:\programdata\puresafe\sw.booster\SW.Booster.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:12B8C802
AlternateDataStreams: C:\ProgramData\TEMP:69E87FA2
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Home_PC\Desktop" je 1360 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenBitCoin.exe.lnk
C:\PROGRA~2\OPENBI~1\daemon.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Heroes of Might & Magic 5.LNK
C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\registration\RegistrationReminder.exe [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119536
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mncnpeogsSrv] => C:\Windows\SysWOW64\mncnpeogs.vbe [7670 2014-03-05] ()
C:\Windows\SysWOW64\mncnpeogs.vbe
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60747
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60747
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60747
URLSearchHook: HKLM-x32 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.info/ ... Z&unqvl=51
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.info/ ... Z&unqvl=51
SearchScopes: HKCU - DefaultScope {C4C021AF-09F8-4137-9A09-E312E05CA109} URL = http://start.funmoods.com/results.php?f ... earchTerms}
SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60747
SearchScopes: HKCU - {A50C14E4-BD4E-4AC0-AC21-459D3D0D6222} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=^RN&apn_dtid=^YYYYYY^YY^CZ&apn_uid=79C7A78F-1279-45D9-AAD5-8E4966976A4E&apn_sauid=8096B9FE-79A4-4A41-B55C-130A210471F2
SearchScopes: HKCU - {C4C021AF-09F8-4137-9A09-E312E05CA109} URL = http://start.funmoods.com/results.php?f ... earchTerms}
BHO: YoutubeAdblocker - {590EA535-D940-857E-6D2D-AC70F9356C7B} - C:\Program Files (x86)\YoutubeAdblocker\HaVBV5o3m.x64.dll No File
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: SNT - {946BD3D7-66E0-0A45-DC74-79E709772A55} - C:\Program Files (x86)\SNT\K.x64.dll No File
BHO: saffewueb - {B5281AFA-C76B-F551-C4CA-EB935AE35B09} - C:\Program Files (x86)\saffewueb\vRmzuqa.x64.dll ()
BHO: SNT - {D684A81A-6E24-8900-1CA6-232072D453D4} - C:\Program Files (x86)\SNT\ioGJHnZI.x64.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: safeoweb - {EEF39F3D-F1E4-2C1B-E7EB-4781F792EDCE} - C:\Program Files (x86)\safeoweb\0.x64.dll ()
BHO: YoutubeAdblocker - {F2E5E92E-B82E-529F-DDB1-CD8193EFB6A2} - C:\Program Files (x86)\YoutubeAdblocker\v2TxCafbA.x64.dll No File
BHO: safeoweb - {EEF39F3D-F1E4-2C1B-E7EB-4781F792EDCE} - C:\Program Files (x86)\safeoweb\0.x64.dll ()
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
FF ProfilePath: C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF Homepage: hxxp://websearch.amaizingsearches.info/ ... Z&unqvl=51
FF Keyword.URL: hxxp://websearch.amaizingsearches.info/ ... =51&l=1&q=
FF Plugin: @java.com/DTPlugin - C:\Program Files\Java\jre6\bin\npDeployJava1.dll No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF SearchPlugin: C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml
CHR Extension: (safeoweb) - C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\goodphkbbeanpbanjifchdleolkdaanc [2014-03-29]
CHR Extension: (saffewueb) - C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkpeaolmnicleiolakknlmgbaklicjne [2014-03-26]
C:\Windows\SysWOW64\acumncnpeogs.exe
C:\Program Files (x86)\safeoweb
C:\Program Files (x86)\saffewue
C:\Users\Home_PC\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\TEMP:12B8C802
AlternateDataStreams: C:\ProgramData\TEMP:69E87FA2
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-04-2014 01
Ran by Home_PC at 2014-04-17 22:28:38 Run:2
Running from C:\Users\Home_PC\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mncnpeogsSrv] => C:\Windows\SysWOW64\mncnpeogs.vbe [7670 2014-03-05] ()
C:\Windows\SysWOW64\mncnpeogs.vbe
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60747
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60747
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60747
URLSearchHook: HKLM-x32 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.info/ ... Z&unqvl=51
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.info/ ... Z&unqvl=51
SearchScopes: HKCU - DefaultScope {C4C021AF-09F8-4137-9A09-E312E05CA109} URL = http://start.funmoods.com/results.php?f ... earchTerms}
SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60747
SearchScopes: HKCU - {A50C14E4-BD4E-4AC0-AC21-459D3D0D6222} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=^RN&apn_dtid=^YYYYYY^YY^CZ&apn_uid=79C7A78F-1279-45D9-AAD5-8E4966976A4E&apn_sauid=8096B9FE-79A4-4A41-B55C-130A210471F2
SearchScopes: HKCU - {C4C021AF-09F8-4137-9A09-E312E05CA109} URL = http://start.funmoods.com/results.php?f ... earchTerms}
BHO: YoutubeAdblocker - {590EA535-D940-857E-6D2D-AC70F9356C7B} - C:\Program Files (x86)\YoutubeAdblocker\HaVBV5o3m.x64.dll No File
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: SNT - {946BD3D7-66E0-0A45-DC74-79E709772A55} - C:\Program Files (x86)\SNT\K.x64.dll No File
BHO: saffewueb - {B5281AFA-C76B-F551-C4CA-EB935AE35B09} - C:\Program Files (x86)\saffewueb\vRmzuqa.x64.dll ()
BHO: SNT - {D684A81A-6E24-8900-1CA6-232072D453D4} - C:\Program Files (x86)\SNT\ioGJHnZI.x64.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: safeoweb - {EEF39F3D-F1E4-2C1B-E7EB-4781F792EDCE} - C:\Program Files (x86)\safeoweb\0.x64.dll ()
BHO: YoutubeAdblocker - {F2E5E92E-B82E-529F-DDB1-CD8193EFB6A2} - C:\Program Files (x86)\YoutubeAdblocker\v2TxCafbA.x64.dll No File
BHO: safeoweb - {EEF39F3D-F1E4-2C1B-E7EB-4781F792EDCE} - C:\Program Files (x86)\safeoweb\0.x64.dll ()
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
FF ProfilePath: C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF Homepage: hxxp://websearch.amaizingsearches.info/ ... Z&unqvl=51
FF Keyword.URL: hxxp://websearch.amaizingsearches.info/ ... =51&l=1&q=
FF Plugin: @java.com/DTPlugin - C:\Program Files\Java\jre6\bin\npDeployJava1.dll No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF SearchPlugin: C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml
CHR Extension: (safeoweb) - C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\goodphkbbeanpbanjifchdleolkdaanc [2014-03-29]
CHR Extension: (saffewueb) - C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkpeaolmnicleiolakknlmgbaklicjne [2014-03-26]
C:\Windows\SysWOW64\acumncnpeogs.exe
C:\Program Files (x86)\safeoweb
C:\Program Files (x86)\saffewue
C:\Users\Home_PC\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\TEMP:12B8C802
AlternateDataStreams: C:\ProgramData\TEMP:69E87FA2
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mncnpeogsSrv => Value not found.
"C:\Windows\SysWOW64\mncnpeogs.vbe" => File/Directory not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\SearchAssistant => Value not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\CustomizeSearch => Value not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{51a86bb3-6602-4c85-92a5-130ee4864f13} => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} => Key deleted successfully.
HKCR\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A50C14E4-BD4E-4AC0-AC21-459D3D0D6222} => Key deleted successfully.
HKCR\CLSID\{A50C14E4-BD4E-4AC0-AC21-459D3D0D6222} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C4C021AF-09F8-4137-9A09-E312E05CA109} => Key deleted successfully.
HKCR\CLSID\{C4C021AF-09F8-4137-9A09-E312E05CA109} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{590EA535-D940-857E-6D2D-AC70F9356C7B} => Key deleted successfully.
HKCR\CLSID\{590EA535-D940-857E-6D2D-AC70F9356C7B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{946BD3D7-66E0-0A45-DC74-79E709772A55} => Key deleted successfully.
HKCR\CLSID\{946BD3D7-66E0-0A45-DC74-79E709772A55} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B5281AFA-C76B-F551-C4CA-EB935AE35B09} => Key deleted successfully.
HKCR\CLSID\{B5281AFA-C76B-F551-C4CA-EB935AE35B09} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D684A81A-6E24-8900-1CA6-232072D453D4} => Key deleted successfully.
HKCR\CLSID\{D684A81A-6E24-8900-1CA6-232072D453D4} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEF39F3D-F1E4-2C1B-E7EB-4781F792EDCE} => Key deleted successfully.
HKCR\CLSID\{EEF39F3D-F1E4-2C1B-E7EB-4781F792EDCE} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F2E5E92E-B82E-529F-DDB1-CD8193EFB6A2} => Key deleted successfully.
HKCR\CLSID\{F2E5E92E-B82E-529F-DDB1-CD8193EFB6A2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEF39F3D-F1E4-2C1B-E7EB-4781F792EDCE} => Key deleted successfully.
HKCR\CLSID\{EEF39F3D-F1E4-2C1B-E7EB-4781F792EDCE} => Key deleted successfully.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
"C:\Program Files (x86)\Skype\Toolbars" => File/Directory not found.
C:\Program Files (x86)\Skype\Toolbars => Should not be moved.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox homepage deleted successfully.
Firefox Keyword.URL deleted successfully.
HKLM\Software\MozillaPlugins\@java.com/DTPlugin => Key deleted successfully.
"C:\Program Files\Java\jre6\bin\npDeployJava1.dll" => not found.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key deleted successfully.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
"C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default\searchplugins\WebSearch.xml" => not found.
"C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml" => not found.
C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\goodphkbbeanpbanjifchdleolkdaanc directory not found.
C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkpeaolmnicleiolakknlmgbaklicjne directory not found.
"C:\Windows\SysWOW64\acumncnpeogs.exe" => File/Directory not found.
"C:\Program Files (x86)\safeoweb" => File/Directory not found.
"C:\Program Files (x86)\saffewue" => File/Directory not found.
C:\Users\Home_PC\AppData\Local\Temp => Moved successfully.
"C:\ProgramData\TEMP" => ":12B8C802" ADS not found.
"C:\ProgramData\TEMP" => ":69E87FA2" ADS not found.
==== End of Fixlog ====
Ran by Home_PC at 2014-04-17 22:28:38 Run:2
Running from C:\Users\Home_PC\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mncnpeogsSrv] => C:\Windows\SysWOW64\mncnpeogs.vbe [7670 2014-03-05] ()
C:\Windows\SysWOW64\mncnpeogs.vbe
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60747
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60747
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60747
URLSearchHook: HKLM-x32 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.info/ ... Z&unqvl=51
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.info/ ... Z&unqvl=51
SearchScopes: HKCU - DefaultScope {C4C021AF-09F8-4137-9A09-E312E05CA109} URL = http://start.funmoods.com/results.php?f ... earchTerms}
SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60747
SearchScopes: HKCU - {A50C14E4-BD4E-4AC0-AC21-459D3D0D6222} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=^RN&apn_dtid=^YYYYYY^YY^CZ&apn_uid=79C7A78F-1279-45D9-AAD5-8E4966976A4E&apn_sauid=8096B9FE-79A4-4A41-B55C-130A210471F2
SearchScopes: HKCU - {C4C021AF-09F8-4137-9A09-E312E05CA109} URL = http://start.funmoods.com/results.php?f ... earchTerms}
BHO: YoutubeAdblocker - {590EA535-D940-857E-6D2D-AC70F9356C7B} - C:\Program Files (x86)\YoutubeAdblocker\HaVBV5o3m.x64.dll No File
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: SNT - {946BD3D7-66E0-0A45-DC74-79E709772A55} - C:\Program Files (x86)\SNT\K.x64.dll No File
BHO: saffewueb - {B5281AFA-C76B-F551-C4CA-EB935AE35B09} - C:\Program Files (x86)\saffewueb\vRmzuqa.x64.dll ()
BHO: SNT - {D684A81A-6E24-8900-1CA6-232072D453D4} - C:\Program Files (x86)\SNT\ioGJHnZI.x64.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: safeoweb - {EEF39F3D-F1E4-2C1B-E7EB-4781F792EDCE} - C:\Program Files (x86)\safeoweb\0.x64.dll ()
BHO: YoutubeAdblocker - {F2E5E92E-B82E-529F-DDB1-CD8193EFB6A2} - C:\Program Files (x86)\YoutubeAdblocker\v2TxCafbA.x64.dll No File
BHO: safeoweb - {EEF39F3D-F1E4-2C1B-E7EB-4781F792EDCE} - C:\Program Files (x86)\safeoweb\0.x64.dll ()
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
FF ProfilePath: C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF Homepage: hxxp://websearch.amaizingsearches.info/ ... Z&unqvl=51
FF Keyword.URL: hxxp://websearch.amaizingsearches.info/ ... =51&l=1&q=
FF Plugin: @java.com/DTPlugin - C:\Program Files\Java\jre6\bin\npDeployJava1.dll No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF SearchPlugin: C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml
CHR Extension: (safeoweb) - C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\goodphkbbeanpbanjifchdleolkdaanc [2014-03-29]
CHR Extension: (saffewueb) - C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkpeaolmnicleiolakknlmgbaklicjne [2014-03-26]
C:\Windows\SysWOW64\acumncnpeogs.exe
C:\Program Files (x86)\safeoweb
C:\Program Files (x86)\saffewue
C:\Users\Home_PC\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\TEMP:12B8C802
AlternateDataStreams: C:\ProgramData\TEMP:69E87FA2
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mncnpeogsSrv => Value not found.
"C:\Windows\SysWOW64\mncnpeogs.vbe" => File/Directory not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\SearchAssistant => Value not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\CustomizeSearch => Value not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{51a86bb3-6602-4c85-92a5-130ee4864f13} => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} => Key deleted successfully.
HKCR\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A50C14E4-BD4E-4AC0-AC21-459D3D0D6222} => Key deleted successfully.
HKCR\CLSID\{A50C14E4-BD4E-4AC0-AC21-459D3D0D6222} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C4C021AF-09F8-4137-9A09-E312E05CA109} => Key deleted successfully.
HKCR\CLSID\{C4C021AF-09F8-4137-9A09-E312E05CA109} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{590EA535-D940-857E-6D2D-AC70F9356C7B} => Key deleted successfully.
HKCR\CLSID\{590EA535-D940-857E-6D2D-AC70F9356C7B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{946BD3D7-66E0-0A45-DC74-79E709772A55} => Key deleted successfully.
HKCR\CLSID\{946BD3D7-66E0-0A45-DC74-79E709772A55} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B5281AFA-C76B-F551-C4CA-EB935AE35B09} => Key deleted successfully.
HKCR\CLSID\{B5281AFA-C76B-F551-C4CA-EB935AE35B09} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D684A81A-6E24-8900-1CA6-232072D453D4} => Key deleted successfully.
HKCR\CLSID\{D684A81A-6E24-8900-1CA6-232072D453D4} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEF39F3D-F1E4-2C1B-E7EB-4781F792EDCE} => Key deleted successfully.
HKCR\CLSID\{EEF39F3D-F1E4-2C1B-E7EB-4781F792EDCE} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F2E5E92E-B82E-529F-DDB1-CD8193EFB6A2} => Key deleted successfully.
HKCR\CLSID\{F2E5E92E-B82E-529F-DDB1-CD8193EFB6A2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEF39F3D-F1E4-2C1B-E7EB-4781F792EDCE} => Key deleted successfully.
HKCR\CLSID\{EEF39F3D-F1E4-2C1B-E7EB-4781F792EDCE} => Key deleted successfully.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
"C:\Program Files (x86)\Skype\Toolbars" => File/Directory not found.
C:\Program Files (x86)\Skype\Toolbars => Should not be moved.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox homepage deleted successfully.
Firefox Keyword.URL deleted successfully.
HKLM\Software\MozillaPlugins\@java.com/DTPlugin => Key deleted successfully.
"C:\Program Files\Java\jre6\bin\npDeployJava1.dll" => not found.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key deleted successfully.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
"C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default\searchplugins\WebSearch.xml" => not found.
"C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml" => not found.
C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\goodphkbbeanpbanjifchdleolkdaanc directory not found.
C:\Users\Home_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkpeaolmnicleiolakknlmgbaklicjne directory not found.
"C:\Windows\SysWOW64\acumncnpeogs.exe" => File/Directory not found.
"C:\Program Files (x86)\safeoweb" => File/Directory not found.
"C:\Program Files (x86)\saffewue" => File/Directory not found.
C:\Users\Home_PC\AppData\Local\Temp => Moved successfully.
"C:\ProgramData\TEMP" => ":12B8C802" ADS not found.
"C:\ProgramData\TEMP" => ":69E87FA2" ADS not found.
==== End of Fixlog ====
-
Rudy
- Site Admin
- Příspěvky: 119536
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Smazáno. PC by již měl být čistý.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
díky moc
-
Rudy
- Site Admin
- Příspěvky: 119536
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?