Pavukov pocitac :D

Zpráva

#1 Příspěvek od **Pavuk29** » 03 kvě 2014 18:42

Mozte sa mi na to niekto pozriet, nieco mi tam nesedi

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014
Ran by userr (administrator) on USER on 03-05-2014 19:33:14
Running from C:\___dokumenty\download
Windows 8 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(SafetyNut Inc) C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe
(SafetyNut Inc) C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe
(SafetyNut Inc) C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\safetynut.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(QIP.ru) C:\Users\userr\AppData\Roaming\QipGuard\QipGuard.exe
(Charles DeWeese) C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Sysinternals - http://www.sysinternals.com) C:\Users\userr\Desktop\utility\procexp.exe
(Sysinternals - http://www.sysinternals.com) C:\Users\userr\AppData\Local\Temp\procexp64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-10-08] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-03] (AVAST Software)
HKLM-x32\...\Run: [iTraffic Monitor] => C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe [942080 2009-04-22] (Charles DeWeese)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-22] (Hewlett-Packard)
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\Run: [QIP Internet Guardian] => C:\Users\userr\AppData\Roaming\QipGuard\QipGuard.exe [436224 2013-12-05] (QIP.ru)
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\Run: [Power2GoExpress8] => NA
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\Run: [iTraffic Monitor] => C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe [942080 2009-04-22] (Charles DeWeese)
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\Run: [uTorrent] => C:\Users\userr\AppData\Roaming\uTorrent\uTorrent.exe [1270352 2014-05-02] (BitTorrent Inc.)
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\Run: [Twoo] => C:\Users\userr\AppData\Roaming\Massive Media\Twoo.exe [10476000 2013-10-03] (Massive Media)
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: F - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {03da9b5b-040f-11e3-be79-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {03da9bce-040f-11e3-be79-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {03daa44c-040f-11e3-be79-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {36dc1678-2460-11e3-bead-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {36dc1758-2460-11e3-bead-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {3a68ec2b-0735-11e3-be81-001e101f55e5} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631837-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631862-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631971-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631a39-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631a97-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631d69-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {9ded0353-3d6e-11e3-bebc-001e101f3457} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {9ded04bb-3d6e-11e3-bebc-001e101f3457} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {c5ecd393-229d-11e3-beac-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {e2b5d7df-2768-11e3-beae-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {eabd4e2a-4075-11e3-bebd-001e101f6ef3} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {f25b3c75-072c-11e3-be7d-8434976f8d75} - "F:\AutoRun.exe"
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\userr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\No-IP DUC.lnk
ShortcutTarget: No-IP DUC.lnk -> C:\Program Files (x86)\No-IP\DUC30.exe ()
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\safetycrt.dll [489992 2014-04-27] ()
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\safetycrt.dll [664584 2014-04-27] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT13/2
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT13/2
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT13/2
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT13/2
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT13/2
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=HPNTDFJS
SearchScopes: HKLM - {8E805679-AD2E-430A-8FEF-7F95E3F96A85} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-29550-11896-25/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-29550-11896-25/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {1097A386-515F-4D74-B5B8-24E5D69512DC} URL = http://search.yahoo.com/search?p={searc ... type=10809
SearchScopes: HKCU - {8E805679-AD2E-430A-8FEF-7F95E3F96A85} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\Program Files (x86)\FreshDevices\FreshDownload\fdcatch.dll (FreshDevices Corp.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {8DED72AC-A3A2-4CEF-8E41-589E2F5B3AD3} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\Program Files (x86)\FreshDevices\FreshDownload\fdiebar.dll (FreshDevices Corp.)
Toolbar: HKLM-x32 - No Name - {8DED72AC-A3A2-4CEF-8E41-589E2F5B3AD3} - No File
Toolbar: HKCU - No Name - {8DED72AC-A3A2-4CEF-8E41-589E2F5B3AD3} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 95.47.178.167 8.8.8.8
Tcpip\..\Interfaces\{C26D1247-C313-4722-97A7-A4DD33825182}: [NameServer]160.218.161.60 194.228.211.33
Tcpip\..\Interfaces\{D7F7A069-CD6D-4A0E-83FF-31CD19E25EA1}: [NameServer]160.218.161.60 194.228.211.33
Tcpip\..\Interfaces\{FC420903-5D07-4050-AEA7-5C95C86B28E1}: [NameServer]160.218.161.60 194.228.211.33

FireFox:
========
FF ProfilePath: C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.google.sk
FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=209&systemid=488&v=a12521-335&apn_dtid=TCH001&apn_ptnrs=AG1&apn_uid=4045800411214746&o=APN11459&q=
FF NetworkProxy: "backup.ftp", "194.160.51.1"
FF NetworkProxy: "backup.ftp_port", 800
FF NetworkProxy: "backup.socks", "194.160.51.1"
FF NetworkProxy: "backup.socks_port", 800
FF NetworkProxy: "backup.ssl", "194.160.51.1"
FF NetworkProxy: "backup.ssl_port", 800
FF NetworkProxy: "ftp", "194.160.51.2"
FF NetworkProxy: "ftp_port", 800
FF NetworkProxy: "http", "194.160.51.2"
FF NetworkProxy: "http_port", 800
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "194.160.51.2"
FF NetworkProxy: "socks_port", 800
FF NetworkProxy: "ssl", "194.160.51.2"
FF NetworkProxy: "ssl_port", 800
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: DAEMON Tools Toolbar - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\Extensions\DTToolbar@toolbarnet(2).com [2013-08-15]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}(2) [2013-08-15]
FF Extension: Ask New Tabs - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\Extensions\{A418B729-A4C7-8F7E-53DB-5FD4D4C9320C} [2014-05-02]
FF Extension: DownloadHelper - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-12-25]
FF Extension: DownloadHelper - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2) [2013-08-15]
FF Extension: Flash and Video Download - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-03-13]
FF Extension: Color toggle - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\Extensions\background@toggle.wtf.xpi [2013-08-15]
FF Extension: Unfriend Finder - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\Extensions\firefox@unfriendfinder.com.xpi [2013-08-15]
FF Extension: Flip or Rotate Image - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\Extensions\jid0-AGJXXzyS0rT1UudxcYiNRjbGttc@jetpack.xpi [2014-01-03]
FF Extension: Scriptish - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\Extensions\scriptish@erikvold.com.xpi [2013-08-15]
FF Extension: Social Fixer - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\Extensions\socialfixer@mattkruse.com.xpi [2013-08-15]
FF Extension: HttpFox - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\Extensions\{4093c4de-454a-4329-8aff-c6b0b123c386}.xpi [2013-08-15]
FF Extension: Image-Show-Hide - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\Extensions\{92A24891-BA14-4e89-9FFD-07FFBE4334EE}.xpi [2013-08-15]
FF Extension: Adblock Plus - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-15]
FF Extension: BetterPrivacy - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-01-07]
FF Extension: Greasemonkey - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\ij9jlc90.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-08-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-11]

Chrome:
=======
CHR DefaultSearchProvider: Ask.com
CHR DefaultSearchURL: http://dts.search.ask.com/sr?src=crb&gc ... earchTerms}
CHR Extension: (Dokumenty Google) - C:\Users\userr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-26]
CHR Extension: (Disk Google) - C:\Users\userr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-26]
CHR Extension: (YouTube) - C:\Users\userr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-26]
CHR Extension: (Hľadať v Google) - C:\Users\userr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-26]
CHR Extension: (avast! Online Security) - C:\Users\userr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-15]
CHR Extension: (Peňaženka Google) - C:\Users\userr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-26]
CHR Extension: (Gmail) - C:\Users\userr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-03]
CHR HKLM-x32\...\Chrome\Extension: [pmcmflmkceipgecmhoddphflfndnfbbe] - C:\Users\userr\AppData\Local\Temp\tbch.crx [2014-05-03]

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-08] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-03] (AVAST Software)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [369152 2012-07-26] (Microsoft Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S3 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [657504 2012-11-01] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SafetyNutManager; C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe [3544072 2014-04-27] (SafetyNut Inc)
S3 wifimansvc; C:\Program Files (x86)\Mobile Partner\eap\wifimansvc.exe [605696 2012-11-10] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-03] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-13] (Disc Soft Ltd)
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc1.cfg [36224 2014-04-27] (SafetyNut Inc)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2013-08-17] (ITE )
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R2 NPF; C:\Windows\SysWOW64\drivers\npf.sys [35344 2012-09-22] (CACE Technologies, Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-11] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-11] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-03-09] (Duplex Secure Ltd.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-26] (Oracle Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
U3 ac242fw1; C:\Windows\System32\Drivers\ac242fw1.sys [0 ] (Advanced Micro Devices)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-03 19:32 - 2014-05-03 19:33 - 00000000 ____D () C:\FRST
2014-05-03 19:19 - 2014-05-03 19:25 - 00000000 ____D () C:\rsit
2014-05-03 19:19 - 2014-05-03 19:25 - 00000000 ____D () C:\Program Files\trend micro
2014-05-03 19:18 - 2014-05-03 19:18 - 00000000 ____D () C:\ProgramData\Free Download Manager
2014-05-03 17:40 - 2014-05-03 18:07 - 00000000 ____D () C:\Users\userr\AppData\Roaming\Dropbox
2014-05-03 17:31 - 2014-05-03 17:31 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-03 17:31 - 2014-05-03 17:31 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-02 15:11 - 2014-05-03 19:26 - 00000000 ____D () C:\ProgramData\SafetyNut
2014-05-02 15:10 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\Browser Tab Search by Ask
2014-05-02 15:09 - 2014-05-02 15:09 - 00000847 _____ () C:\Users\userr\Desktop\µTorrent.lnk
2014-05-02 15:09 - 2014-05-02 15:09 - 00000827 _____ () C:\Users\userr\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-04-29 17:57 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-29 17:57 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-29 17:57 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-29 17:57 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-29 17:57 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-28 21:23 - 2014-04-28 21:23 - 00001100 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-04-26 11:03 - 2014-04-26 11:03 - 00000000 ____D () C:\Program Files (x86)\Veetle
2014-04-22 19:17 - 2014-04-22 19:17 - 00001046 _____ () C:\Users\userr\Desktop\Twoo.lnk
2014-04-22 19:15 - 2014-04-22 19:15 - 00000918 _____ () C:\Users\userr\AppData\Roaming\Microsoft\Windows\Start Menu\Twoo.lnk
2014-04-22 19:15 - 2014-04-22 19:15 - 00000000 ____D () C:\Users\userr\AppData\Roaming\Massive Media
2014-04-22 19:15 - 2014-04-22 19:15 - 00000000 ____D () C:\Users\userr\AppData\Local\Massive Media
2014-04-22 17:37 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-22 17:37 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-04-22 17:37 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-04-22 17:37 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-22 17:37 - 2014-02-27 01:40 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-22 17:37 - 2014-02-27 01:21 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-22 17:37 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-04-22 17:37 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-04-22 17:37 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-04-22 17:37 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-04-22 17:37 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-04-21 11:05 - 2014-04-21 11:10 - 00000000 ____D () C:\Users\userr\AppData\Roaming\Scribus
2014-04-21 11:04 - 2014-04-21 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scribus 1.4.2
2014-04-21 11:03 - 2014-04-21 11:04 - 00000000 ____D () C:\Program Files (x86)\Scribus 1.4.2
2014-04-15 18:54 - 2014-04-15 18:54 - 00053207 _____ () C:\Users\userr\Desktop\PROFESIA.SK - Ponuka práce - Grafik, Koordinátor projektu, CBS... 14_04_2014.htm
2014-04-15 18:54 - 2014-04-15 18:54 - 00000000 ____D () C:\Users\userr\Desktop\PROFESIA.SK - Ponuka práce - Grafik, Koordinátor projektu, CBS... 14_04_2014_soubory
2014-04-14 23:30 - 2014-04-14 23:30 - 00000000 ____D () C:\Users\userr\Documents\Adobe Scripts
2014-04-13 11:45 - 2014-04-13 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-04-13 11:45 - 2014-04-13 11:45 - 00000000 ____D () C:\Program Files\7-Zip
2014-04-12 22:12 - 2014-04-12 22:15 - 00000000 ____D () C:\Program Files (x86)\Torrent Master
2014-04-12 22:12 - 2014-04-12 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torrent Master
2014-04-12 22:02 - 2014-04-27 16:18 - 00000000 ____D () C:\Users\userr\Desktop\torrent
2014-04-12 14:04 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 14:04 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-12 14:04 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 14:04 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 14:04 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 14:04 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-12 14:04 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 14:04 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 14:04 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 14:04 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-12 14:04 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-12 14:04 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 14:04 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 14:04 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-04-12 14:04 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-04-12 14:04 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-12 14:04 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-12 14:04 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-12 14:04 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 14:04 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 14:04 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 14:04 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-12 14:04 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 14:04 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-04-12 14:04 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 14:04 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 14:04 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 14:03 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 14:02 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-12 14:02 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 14:02 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 14:02 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-12 14:02 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 11:45 - 2014-04-13 14:56 - 00000000 ____D () C:\Program Files (x86)\iTraffic Monitor
2014-04-12 11:45 - 2014-04-12 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTraffic Monitor
2014-04-12 11:45 - 2014-04-12 11:45 - 00000000 ____D () C:\ProgramData\iTraffic Monitor
2014-04-11 05:58 - 2014-04-11 06:02 - 00044218 _____ () C:\Users\userr\Desktop\Grafik, ROCO Slovakia spol.s.r.o.,... 07_04_2014.htm
2014-04-11 05:58 - 2014-04-11 05:58 - 00000000 ____D () C:\Users\userr\Desktop\Grafik, ROCO Slovakia spol.s.r.o.,... 07_04_2014_soubory
2014-04-09 19:06 - 2014-04-09 19:06 - 00001456 _____ () C:\Users\userr\Desktop\Skype.lnk
2014-04-09 19:05 - 2014-04-09 19:05 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-09 19:05 - 2014-04-09 19:05 - 00000000 ____D () C:\Users\userr\AppData\Local\Skype
2014-04-09 19:05 - 2014-04-09 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== One Month Modified Files and Folders =======

2014-05-03 19:33 - 2014-05-03 19:32 - 00000000 ____D () C:\FRST
2014-05-03 19:32 - 2014-02-05 23:20 - 00000000 ____D () C:\Users\userr\AppData\Roaming\Free Download Manager
2014-05-03 19:26 - 2014-05-02 15:11 - 00000000 ____D () C:\ProgramData\SafetyNut
2014-05-03 19:25 - 2014-05-03 19:19 - 00000000 ____D () C:\rsit
2014-05-03 19:25 - 2014-05-03 19:19 - 00000000 ____D () C:\Program Files\trend micro
2014-05-03 19:24 - 2014-03-09 13:09 - 00000000 ____D () C:\Users\userr\AppData\Roaming\uTorrent
2014-05-03 19:18 - 2014-05-03 19:18 - 00000000 ____D () C:\ProgramData\Free Download Manager
2014-05-03 19:13 - 2014-03-27 22:46 - 00000000 ____D () C:\Users\userr\AppData\Local\CrashDumps
2014-05-03 19:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-03 18:48 - 2013-08-15 08:57 - 00000000 ____D () C:\Users\userr\.VirtualBox
2014-05-03 18:07 - 2014-05-03 17:40 - 00000000 ____D () C:\Users\userr\AppData\Roaming\Dropbox
2014-05-03 18:00 - 2014-02-08 15:59 - 00003156 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForuserr
2014-05-03 18:00 - 2014-02-08 15:59 - 00000342 _____ () C:\Windows\Tasks\HPCeeScheduleForuserr.job
2014-05-03 18:00 - 2013-08-13 13:12 - 00000000 ____D () C:\Users\userr
2014-05-03 17:56 - 2013-12-07 13:40 - 00000000 ____D () C:\Users\userr\AppData\Roaming\Skype
2014-05-03 17:52 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-03 17:42 - 2013-07-08 10:11 - 00755956 _____ () C:\Windows\system32\perfh005.dat
2014-05-03 17:42 - 2013-07-08 10:11 - 00162886 _____ () C:\Windows\system32\perfc005.dat
2014-05-03 17:42 - 2012-07-26 09:28 - 01851550 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-03 17:39 - 2013-08-15 10:18 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-05-03 17:31 - 2014-05-03 17:31 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-03 17:31 - 2014-05-03 17:31 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-03 17:31 - 2013-12-20 14:34 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-03 17:31 - 2013-09-11 13:36 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-05-03 17:31 - 2013-09-11 13:36 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-03 17:31 - 2013-09-11 13:36 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-03 17:31 - 2013-09-11 13:36 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-03 17:31 - 2013-09-11 13:36 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-03 17:31 - 2013-09-11 13:36 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-03 17:31 - 2013-09-11 13:36 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-03 17:31 - 2013-09-11 13:36 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-03 17:31 - 2013-09-11 13:36 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-02 15:11 - 2013-08-21 09:17 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-02 15:10 - 2014-05-02 15:10 - 00000000 ____D () C:\Program Files (x86)\Browser Tab Search by Ask
2014-05-02 15:10 - 2013-08-21 09:17 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-02 15:09 - 2014-05-02 15:09 - 00000847 _____ () C:\Users\userr\Desktop\µTorrent.lnk
2014-05-02 15:09 - 2014-05-02 15:09 - 00000827 _____ () C:\Users\userr\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-05-01 23:09 - 2013-08-17 22:16 - 00000000 ____D () C:\Users\userr\AppData\Roaming\vlc
2014-04-30 18:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-30 17:54 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-29 20:34 - 2013-09-12 15:38 - 00000000 ____D () C:\tmp
2014-04-29 20:34 - 2013-08-15 07:22 - 00000000 ____D () C:\Users\userr\AppData\Local\GHISLER
2014-04-29 20:08 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-29 18:14 - 2014-03-19 19:22 - 02927696 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-29 18:12 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-04-29 17:56 - 2013-11-11 13:56 - 00000273 _____ () C:\Users\userr\Desktop\moje.txt
2014-04-28 21:23 - 2014-04-28 21:23 - 00001100 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-04-28 21:23 - 2014-03-09 16:41 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-04-28 21:22 - 2014-03-09 16:40 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-04-27 16:18 - 2014-04-12 22:02 - 00000000 ____D () C:\Users\userr\Desktop\torrent
2014-04-27 08:14 - 2013-12-25 00:07 - 00000000 ____D () C:\Users\userr\AppData\Roaming\Movier
2014-04-26 21:00 - 2013-08-15 17:24 - 00000000 ____D () C:\___dokumenty
2014-04-26 11:03 - 2014-04-26 11:03 - 00000000 ____D () C:\Program Files (x86)\Veetle
2014-04-25 16:05 - 2014-03-31 20:30 - 00000027 _____ () C:\Users\userr\Desktop\kupit.TXT
2014-04-23 01:47 - 2013-12-06 07:51 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-23 01:47 - 2013-12-06 07:51 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-22 19:17 - 2014-04-22 19:17 - 00001046 _____ () C:\Users\userr\Desktop\Twoo.lnk
2014-04-22 19:15 - 2014-04-22 19:15 - 00000918 _____ () C:\Users\userr\AppData\Roaming\Microsoft\Windows\Start Menu\Twoo.lnk
2014-04-22 19:15 - 2014-04-22 19:15 - 00000000 ____D () C:\Users\userr\AppData\Roaming\Massive Media
2014-04-22 19:15 - 2014-04-22 19:15 - 00000000 ____D () C:\Users\userr\AppData\Local\Massive Media
2014-04-22 19:03 - 2013-08-13 13:22 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3271869029-3981108209-2828370416-1002
2014-04-22 17:46 - 2012-07-26 07:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-04-21 11:10 - 2014-04-21 11:05 - 00000000 ____D () C:\Users\userr\AppData\Roaming\Scribus
2014-04-21 11:10 - 2013-08-17 20:54 - 00000000 ____D () C:\Users\userr\Desktop\editory
2014-04-21 11:04 - 2014-04-21 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scribus 1.4.2
2014-04-21 11:04 - 2014-04-21 11:03 - 00000000 ____D () C:\Program Files (x86)\Scribus 1.4.2
2014-04-20 21:39 - 2013-08-17 19:28 - 00000000 ____D () C:\Users\userr\Desktop\utility
2014-04-20 11:44 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-04-20 11:34 - 2013-08-17 19:28 - 00000000 ____D () C:\Program Files\Defraggler
2014-04-20 09:36 - 2013-08-15 09:00 - 00000000 ____D () C:\___zalohy
2014-04-19 11:39 - 2014-04-29 17:57 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-19 10:45 - 2014-04-29 17:57 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-19 10:45 - 2014-04-29 17:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 08:57 - 2014-04-29 17:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-19 08:57 - 2014-04-29 17:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-18 15:23 - 2013-08-17 21:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-15 18:54 - 2014-04-15 18:54 - 00053207 _____ () C:\Users\userr\Desktop\PROFESIA.SK - Ponuka práce - Grafik, Koordinátor projektu, CBS... 14_04_2014.htm
2014-04-15 18:54 - 2014-04-15 18:54 - 00000000 ____D () C:\Users\userr\Desktop\PROFESIA.SK - Ponuka práce - Grafik, Koordinátor projektu, CBS... 14_04_2014_soubory
2014-04-14 23:30 - 2014-04-14 23:30 - 00000000 ____D () C:\Users\userr\Documents\Adobe Scripts
2014-04-14 23:29 - 2013-08-13 13:15 - 00000000 ____D () C:\Users\userr\AppData\Roaming\Adobe
2014-04-13 14:56 - 2014-04-12 11:45 - 00000000 ____D () C:\Program Files (x86)\iTraffic Monitor
2014-04-13 11:45 - 2014-04-13 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-04-13 11:45 - 2014-04-13 11:45 - 00000000 ____D () C:\Program Files\7-Zip
2014-04-12 22:15 - 2014-04-12 22:12 - 00000000 ____D () C:\Program Files (x86)\Torrent Master
2014-04-12 22:12 - 2014-04-12 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torrent Master
2014-04-12 21:58 - 2013-09-05 12:23 - 00000000 ____D () C:\Users\userr\AppData\Roaming\TrueCrypt
2014-04-12 14:21 - 2013-10-08 17:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-12 14:06 - 2013-10-08 17:08 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-12 11:45 - 2014-04-12 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTraffic Monitor
2014-04-12 11:45 - 2014-04-12 11:45 - 00000000 ____D () C:\ProgramData\iTraffic Monitor
2014-04-12 08:35 - 2013-08-13 19:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-11 06:02 - 2014-04-11 05:58 - 00044218 _____ () C:\Users\userr\Desktop\Grafik, ROCO Slovakia spol.s.r.o.,... 07_04_2014.htm
2014-04-11 05:58 - 2014-04-11 05:58 - 00000000 ____D () C:\Users\userr\Desktop\Grafik, ROCO Slovakia spol.s.r.o.,... 07_04_2014_soubory
2014-04-09 19:06 - 2014-04-09 19:06 - 00001456 _____ () C:\Users\userr\Desktop\Skype.lnk
2014-04-09 19:05 - 2014-04-09 19:05 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-09 19:05 - 2014-04-09 19:05 - 00000000 ____D () C:\Users\userr\AppData\Local\Skype
2014-04-09 19:05 - 2014-04-09 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-09 19:05 - 2013-12-07 13:40 - 00000000 ____D () C:\ProgramData\Skype
2014-04-07 18:01 - 2013-08-15 14:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-06 08:28 - 2014-01-31 23:01 - 00011231 _____ () C:\Users\userr\Desktop\dlhy.ods
2014-04-06 08:26 - 2013-08-13 19:49 - 00000000 ____D () C:\ProgramData\DatacardService
2014-04-05 21:37 - 2013-10-10 13:15 - 00001618 _____ () C:\Users\userr\Desktop\CyberLink PowerDirector.lnk

Some content of TEMP:
====================
C:\Users\userr\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp83poki.dll
C:\Users\userr\AppData\Local\Temp\procexp64.exe
C:\Users\userr\AppData\Local\Temp\sfamcc00001.dll
C:\Users\userr\AppData\Local\Temp\sfareca00001.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-27 09:26

==================== End Of Log ============================

#2 Příspěvek od **Rudy** » 03 kvě 2014 18:58

Zkopíruj do poznámkového bloku:

Start
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: F - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {03da9b5b-040f-11e3-be79-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {03da9bce-040f-11e3-be79-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {03daa44c-040f-11e3-be79-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {36dc1678-2460-11e3-bead-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {36dc1758-2460-11e3-bead-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {3a68ec2b-0735-11e3-be81-001e101f55e5} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631837-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631862-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631971-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631a39-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631a97-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631d69-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {9ded0353-3d6e-11e3-bebc-001e101f3457} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {9ded04bb-3d6e-11e3-bebc-001e101f3457} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {c5ecd393-229d-11e3-beac-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {e2b5d7df-2768-11e3-beae-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {eabd4e2a-4075-11e3-bebd-001e101f6ef3} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {f25b3c75-072c-11e3-be7d-8434976f8d75} - "F:\AutoRun.exe"
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\safetycrt.dll [489992 2014-04-27] ()
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\safetycrt.dll [664584 2014-04-27] ()
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=HPNTDFJS
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... nrs=AG1&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {8E805679-AD2E-430A-8FEF-7F95E3F96A85} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... nrs=AG1&q={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {8DED72AC-A3A2-4CEF-8E41-589E2F5B3AD3} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {8DED72AC-A3A2-4CEF-8E41-589E2F5B3AD3} - No File
Toolbar: HKCU - No Name - {8DED72AC-A3A2-4CEF-8E41-589E2F5B3AD3} - No File
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR DefaultSearchProvider: Ask.com
CHR DefaultSearchURL: http://dts.search.ask.com/sr?src=crb&gc ... nrs=AG1&q={searchTerms}
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc1.cfg [36224 2014-04-27] (SafetyNut Inc)
C:\Users\userr\AppData\Local\Temp
End

Ulož do C:\___dokumenty\download jako fixlist.txt. Spusť znovu FRST a klikni na >Fix<. Po skončení akce se objeví log, který sem zkopíruj.

#3 Příspěvek od **Pavuk29** » 03 kvě 2014 19:15

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-05-2014
Ran by userr at 2014-05-03 20:08:13 Run:1
Running from C:\___dokumenty\download
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: F - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {03da9b5b-040f-11e3-be79-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {03da9bce-040f-11e3-be79-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {03daa44c-040f-11e3-be79-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {36dc1678-2460-11e3-bead-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {36dc1758-2460-11e3-bead-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {3a68ec2b-0735-11e3-be81-001e101f55e5} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631837-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631862-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631971-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631a39-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631a97-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {6a631d69-276e-11e3-beb1-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {9ded0353-3d6e-11e3-bebc-001e101f3457} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {9ded04bb-3d6e-11e3-bebc-001e101f3457} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {c5ecd393-229d-11e3-beac-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {e2b5d7df-2768-11e3-beae-8434976f8d75} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {eabd4e2a-4075-11e3-bebd-001e101f6ef3} - "F:\AutoRun.exe"
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\...\MountPoints2: {f25b3c75-072c-11e3-be7d-8434976f8d75} - "F:\AutoRun.exe"
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\safetycrt.dll [489992 2014-04-27] ()
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\safetycrt.dll [664584 2014-04-27] ()
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=HPNTDFJS
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... nrs=AG1&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {8E805679-AD2E-430A-8FEF-7F95E3F96A85} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... nrs=AG1&q={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {8DED72AC-A3A2-4CEF-8E41-589E2F5B3AD3} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {8DED72AC-A3A2-4CEF-8E41-589E2F5B3AD3} - No File
Toolbar: HKCU - No Name - {8DED72AC-A3A2-4CEF-8E41-589E2F5B3AD3} - No File
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR DefaultSearchProvider: Ask.com
CHR DefaultSearchURL: http://dts.search.ask.com/sr?src=crb&gc ... nrs=AG1&q={searchTerms}
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc1.cfg [36224 2014-04-27] (SafetyNut Inc)
C:\Users\userr\AppData\Local\Temp
End
*****************

HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3271869029-3981108209-2828370416-1002 => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{03da9b5b-040f-11e3-be79-8434976f8d75} => Key deleted successfully.
HKCR\CLSID\{03da9b5b-040f-11e3-be79-8434976f8d75} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{03da9bce-040f-11e3-be79-8434976f8d75} => Key deleted successfully.
HKCR\CLSID\{03da9bce-040f-11e3-be79-8434976f8d75} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{03daa44c-040f-11e3-be79-8434976f8d75} => Key deleted successfully.
HKCR\CLSID\{03daa44c-040f-11e3-be79-8434976f8d75} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36dc1678-2460-11e3-bead-8434976f8d75} => Key deleted successfully.
HKCR\CLSID\{36dc1678-2460-11e3-bead-8434976f8d75} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36dc1758-2460-11e3-bead-8434976f8d75} => Key deleted successfully.
HKCR\CLSID\{36dc1758-2460-11e3-bead-8434976f8d75} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3a68ec2b-0735-11e3-be81-001e101f55e5} => Key deleted successfully.
HKCR\CLSID\{3a68ec2b-0735-11e3-be81-001e101f55e5} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a631837-276e-11e3-beb1-8434976f8d75} => Key deleted successfully.
HKCR\CLSID\{6a631837-276e-11e3-beb1-8434976f8d75} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a631862-276e-11e3-beb1-8434976f8d75} => Key deleted successfully.
HKCR\CLSID\{6a631862-276e-11e3-beb1-8434976f8d75} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a631971-276e-11e3-beb1-8434976f8d75} => Key deleted successfully.
HKCR\CLSID\{6a631971-276e-11e3-beb1-8434976f8d75} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a631a39-276e-11e3-beb1-8434976f8d75} => Key deleted successfully.
HKCR\CLSID\{6a631a39-276e-11e3-beb1-8434976f8d75} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a631a97-276e-11e3-beb1-8434976f8d75} => Key deleted successfully.
HKCR\CLSID\{6a631a97-276e-11e3-beb1-8434976f8d75} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a631d69-276e-11e3-beb1-8434976f8d75} => Key deleted successfully.
HKCR\CLSID\{6a631d69-276e-11e3-beb1-8434976f8d75} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ded0353-3d6e-11e3-bebc-001e101f3457} => Key deleted successfully.
HKCR\CLSID\{9ded0353-3d6e-11e3-bebc-001e101f3457} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ded04bb-3d6e-11e3-bebc-001e101f3457} => Key deleted successfully.
HKCR\CLSID\{9ded04bb-3d6e-11e3-bebc-001e101f3457} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5ecd393-229d-11e3-beac-8434976f8d75} => Key deleted successfully.
HKCR\CLSID\{c5ecd393-229d-11e3-beac-8434976f8d75} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e2b5d7df-2768-11e3-beae-8434976f8d75} => Key deleted successfully.
HKCR\CLSID\{e2b5d7df-2768-11e3-beae-8434976f8d75} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eabd4e2a-4075-11e3-bebd-001e101f6ef3} => Key deleted successfully.
HKCR\CLSID\{eabd4e2a-4075-11e3-bebd-001e101f6ef3} => Key not found.
HKU\S-1-5-21-3271869029-3981108209-2828370416-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f25b3c75-072c-11e3-be7d-8434976f8d75} => Key deleted successfully.
HKCR\CLSID\{f25b3c75-072c-11e3-be7d-8434976f8d75} => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jumpflip => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchinstaller.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings64.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\umbrella.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroids.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroidsservice.exe => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 => Value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8E805679-AD2E-430A-8FEF-7F95E3F96A85} => Key deleted successfully.
HKCR\CLSID\{8E805679-AD2E-430A-8FEF-7F95E3F96A85} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} => Key deleted successfully.
HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Value deleted successfully.
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8DED72AC-A3A2-4CEF-8E41-589E2F5B3AD3} => Value deleted successfully.
HKCR\CLSID\{8DED72AC-A3A2-4CEF-8E41-589E2F5B3AD3} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Value deleted successfully.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8DED72AC-A3A2-4CEF-8E41-589E2F5B3AD3} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{8DED72AC-A3A2-4CEF-8E41-589E2F5B3AD3} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8DED72AC-A3A2-4CEF-8E41-589E2F5B3AD3} => Value deleted successfully.
HKCR\CLSID\{8DED72AC-A3A2-4CEF-8E41-589E2F5B3AD3} => Key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19 => Key deleted successfully.
C:\Program Files (x86)\Veetle\plugins\npVeetle.dll => Moved successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18 => Key deleted successfully.
C:\Program Files (x86)\Veetle\Player\npvlc.dll => Moved successfully.
CHR DefaultSearchProvider: Ask.com ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: http://dts.search.ask.com/sr?src=crb&gc ... nrs=AG1&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
F06DEFF2-5B9C-490D-910F-35D3A91196222 => Unable to stop service
F06DEFF2-5B9C-490D-910F-35D3A91196222 => Error deleting Service

"C:\Users\userr\AppData\Local\Temp" directory move:

C:\Users\userr\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp83poki.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp83poki.lck => Moved successfully.
Could not move "C:\Users\userr\AppData\Local\Temp\JET68FF.tmp" => Scheduled to move on reboot.
C:\Users\userr\AppData\Local\Temp\jst1269.tmp => Moved successfully.
C:\Users\userr\AppData\Local\Temp\nsjCA26.tmp => Moved successfully.
C:\Users\userr\AppData\Local\Temp\nspD0DA.tmp => Moved successfully.
C:\Users\userr\AppData\Local\Temp\procexp64.exe => Moved successfully.
C:\Users\userr\AppData\Local\Temp\sfamcc00001.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\sfareca00001.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\SFC9B35.tmp => Moved successfully.
Could not move "C:\Users\userr\AppData\Local\Temp\~DFB8E09CE975BC92E7.TMP" => Scheduled to move on reboot.
C:\Users\userr\AppData\Local\Temp\~nsu.tmp\Au_.exe => Moved successfully.
C:\Users\userr\AppData\Local\Temp\~nsu.tmp\Bu_.exe => Moved successfully.
C:\Users\userr\AppData\Local\Temp\Skype\DbTemp\temp-rHITj2e7Kx0h6f93ThQ196sT => Moved successfully.
C:\Users\userr\AppData\Local\Temp\Skype\DbTemp\temp-yk5hL1ZVgewWQOGnyGUwGmuZ => Moved successfully.
C:\Users\userr\AppData\Local\Temp\nskB722.tmp\Helper.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\nskB722.tmp\nsExec.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\nskB722.tmp\registry.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\nskB722.tmp\System.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\nsjAA27.tmp\Helper.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\nsjAA27.tmp\nsExec.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\nsjAA27.tmp\registry.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\nsjAA27.tmp\System.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\nshF6ED.tmp\DropboxNSISTools.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\nshF6ED.tmp\nsExec.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\nshF6ED.tmp\UAC.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\nsa6BED.tmp\nsExec.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\nsa6BED.tmp\UAC.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\HP Support Framework\HPSF_Config1.dll => Moved successfully.
C:\Users\userr\AppData\Local\Temp\avastBCLTMP\default\Web Data => Moved successfully.
C:\Users\userr\AppData\Local\Temp\avastBCLTMP\chrome\Default\Web Data => Moved successfully.
Could not move "C:\Users\userr\AppData\Local\Temp" directory. => Scheduled to move on reboot.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-05-03 20:10:29)<=

C:\Users\userr\AppData\Local\Temp\JET68FF.tmp => Is moved successfully.
C:\Users\userr\AppData\Local\Temp\~DFB8E09CE975BC92E7.TMP => Is moved successfully.
C:\Users\userr\AppData\Local\Temp => Moved successfully.

==== End of Fixlog ====

#4 Příspěvek od **Pavuk29** » 03 kvě 2014 19:17

a nejde mi procexp.exe od Sysinternals

#5 Příspěvek od **Pavuk29** » 03 kvě 2014 19:25

Pavuk29 píše:a nejde mi procexp.exe od Sysinternals

uz ide

#6 Příspěvek od **Rudy** » 03 kvě 2014 19:53

Všechno je fuč a jinak tam nic podezřelého nevidím.

#7 Příspěvek od **Pavuk29** » 03 kvě 2014 20:07

este bojujem s touto mrskou
c:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\safetycrt.dll
adwcleaner sundal obsah adresara ale tato kotuha sa brani

#8 Příspěvek od **motji** » 03 kvě 2014 20:16

Hoď tam ještě mbam

#9 Příspěvek od **Pavuk29** » 03 kvě 2014 20:21

motji píše:Hoď tam ještě mbam

Mbam to ignoruje. Avast to ignoruje. Skusil som pustit na to Eset online scanner, uz to necham dojst. Mna by zaujimalo celkom ako sa mi to podarilo dostat do pocitaca.

#10 Příspěvek od **Rudy** » 03 kvě 2014 21:08

Zkus to Avengerem:

Stahni Avenger zde:
http://swandog46.geekstogo.com/avenger.exe
Spusť a všude souhlas „Yes“
Hlavní okno

dole dej fajfku do obou čtverečků

Do bílého pole napiš:

Folders to delete:
c:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut

a klikni na >Execute<. PC bude restartován.

#11 Příspěvek od **Pavuk29** » 03 kvě 2014 21:32

Fatal error: unsupported version of Windows. This program will run only on windows 2000, XP or Vista.Exiting now

Ja mam W8

#12 Příspěvek od **motji** » 03 kvě 2014 22:05

To ti nejde smazat ručně? Já myslela mbam všeobecně, kvůli tomu nálezu ve FRSTu

#13 Příspěvek od **Pavuk29** » 04 kvě 2014 16:43

motji píše:To ti nejde smazat ručně? Já myslela mbam všeobecně, kvůli tomu nálezu ve FRSTu

zmazem, len sa mi nechce restartovat PC teraz. Nejde to zmazat. Pokusim sa to zmazat v prikazovom riadku

#14 Příspěvek od **Pavuk29** » 05 kvě 2014 09:29

Uz som to povrazdil, dakujem za psychicku podporu

Niekedy sa oplati robit si zalohy

Musel som to vyriesit rucne, Avast mi nic nenasiel a Mbam len sundal cast adresara. Ked som cuvol s bodom obnovy pred udalostami, dalo sa mi to pomazat rucne. Este mam obraz disku spred dvoch tyzdnov ale to uz nebolo nutne

mna by zaujimalo, kde som to nabral, nezvyknem len tak nieco potvrdit. A prvy raz v zivote som bol nuteny pouzit bod obnovy. A blbe bolo ze som nemal cas to riesit naraz a musel prerusovat akcie. Dalsia vec je, ze ked som si googlil co je to za mrsku, nazov adresara sa mi nezhodoval. Tak ak sa s tym niekto budete trapit, skuste posledny funkcny bod obnovy.

VIRY.CZ

Pavukov pocitac :D

Pavukov pocitac :D

Re: Pavukov pocitac :D

Re: Pavukov pocitac :D

Re: Pavukov pocitac :D

Re: Pavukov pocitac :D

Re: Pavukov pocitac :D

Re: Pavukov pocitac :D

Re: Pavukov pocitac :D

Re: Pavukov pocitac :D

Re: Pavukov pocitac :D

Re: Pavukov pocitac :D

Re: Pavukov pocitac :D

Re: Pavukov pocitac :D

Re: Pavukov pocitac :D