setupdatamngr_koyote

Zpráva

FanaticosM · #16 Příspěvek od **FanaticosM** » 28 kvě 2014 08:16

vyosek píše:A proc si resite sam sluzebni\firemni PC a nedate to odpovednemu IT technikovi, ktery je za to placen...Delame to za nej ja i vy zdarma

Jeste tam nejaka prace je..

protože IT tady není žádný

když si to nevyřeším sám, tak to za mě nikdo neudělá

#17 Příspěvek od **vyosek** » 28 kvě 2014 09:57

Pak je to ale veci nadrizenych a odpovedneho managementu, PC musi byt nekym "spravovano"

Dneska to dokoncime, ale priste bude pomoc s firemnim PC na zaklade pravidel fora odmitnuta

Dejte log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

FanaticosM · #18 Příspěvek od **FanaticosM** » 28 kvě 2014 11:31

hlásí mi FRST luncher že není platna aplikace typu Win32

#19 Příspěvek od **vyosek** » 28 kvě 2014 15:41

Spustte tedy jen FRST

FanaticosM · #20 Příspěvek od **FanaticosM** » 29 kvě 2014 05:52

vyosek píše:Spustte tedy jen FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Pisklak (administrator) on PISKLAKNTB on 29-05-2014 06:50:43
Running from C:\Users\Pisklak\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() C:\Windows\SysWOW64\srvany.exe
(O2Micro.) C:\Windows\SysWOW64\SDIOAssist.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(QIP.ru) C:\Program Files (x86)\QipGuard\QipGuard.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
(Google Inc.) C:\Users\Pisklak\AppData\Local\Google\Update\GoogleUpdate.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Google Inc.) C:\Users\Pisklak\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pisklak\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pisklak\AppData\Local\Google\Chrome\Application\chrome.exe
(QIP) C:\Program Files (x86)\QIP 2012\qip.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Google Inc.) C:\Users\Pisklak\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pisklak\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pisklak\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Farbar) C:\Users\Pisklak\Downloads\FRST64 (2).exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [611192 2011-07-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1934608 2010-12-23] (Intel(R) Corporation)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2011-07-25] ()
HKLM\...\Run: [DFEPApplication] => c:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [7077272 2011-08-25] (Dell Inc.)
HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [257392 2011-05-28] (Wave Systems Corp.)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-02] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-18] (CyberLink Corp.)
HKLM-x32\...\Run: [AVG_TRAY] => C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [462993 2010-03-12] (Creative Technology Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [NSU_agent] => C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKU\S-1-5-21-3893927088-911321928-723212318-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-3893927088-911321928-723212318-1000\...\Run: [Google Update] => C:\Users\Pisklak\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-03-02] (Google Inc.)
HKU\S-1-5-21-3893927088-911321928-723212318-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [752736 2012-10-18] (ZONER software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Microsoft)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2418} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - DefaultScope {2517316E-1A11-4511-B5D9-007D8516866A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.2

FireFox:
========
FF ProfilePath: C:\Users\Pisklak\AppData\Roaming\Mozilla\Firefox\Profiles\1lo7snwp.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF NetworkProxy: "autoconfig_url", ""
FF NetworkProxy: "http", ""
FF NetworkProxy: "http_port", ""
FF NetworkProxy: "type", ""
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.1.13 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.1.13 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.1.13 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.1.13 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=15.0.1.13 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Pisklak\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Pisklak\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Pisklak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: electronicarts.com/GameFacePlugin - C:\Users\Pisklak\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Address Bar Search - C:\Users\Pisklak\AppData\Roaming\Mozilla\Firefox\Profiles\1lo7snwp.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9} [2013-09-02]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-02-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-06-13]
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4\
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-02-03]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-03-24]

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Pisklak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-11]
CHR Extension: (Disk Google) - C:\Users\Pisklak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-11]
CHR Extension: (YouTube) - C:\Users\Pisklak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Pisklak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-11]
CHR Extension: (Skype Click to Call) - C:\Users\Pisklak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-11]
CHR Extension: (Peněženka Google) - C:\Users\Pisklak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Pisklak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-06-11]
CHR Extension: (Gmail) - C:\Users\Pisklak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR StartMenuInternet: Google Chrome - C:\Users\Pisklak\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [158720 2010-06-30] (Broadcom Corporation)
R2 DFEPService; c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2279320 2011-08-25] (Dell Inc.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
R2 O2SDIOAssist; c:\Windows\SysWOW64\srvany.exe [8192 2003-04-19] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [191440 2011-10-12] (QIP.ru)
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1633280 2011-02-17] ()
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1600000 2011-07-01] (Wave Systems Corp.)
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [992256 2010-12-23] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2013-04-11] (AVG Technologies CZ, s.r.o.)
S4 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-19] (AVG Technologies)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-21] (DT Soft Ltd)
S3 HBtnKey; C:\Windows\system32\drivers\HBtnKey.sys [20424 2011-07-20] (Dell Inc.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-29 06:47 - 2014-05-29 06:47 - 02066944 _____ (Farbar) C:\Users\Pisklak\Downloads\FRST64 (2).exe
2014-05-28 15:13 - 2014-05-28 15:13 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42U0WM5VL
2014-05-28 14:40 - 2014-05-28 14:40 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42U0VGW43
2014-05-28 12:27 - 2014-05-28 12:27 - 02066944 _____ (Farbar) C:\Users\Pisklak\Downloads\FRST64 (1).exe
2014-05-28 12:27 - 2014-05-28 12:27 - 00000000 _____ () C:\Users\Pisklak\Downloads\FRSTLauncher.exe
2014-05-28 12:27 - 2014-05-28 12:27 - 00000000 _____ () C:\Users\Pisklak\Desktop\FRSTLauncher.exe
2014-05-28 08:14 - 2014-05-28 08:14 - 00000000 ____D () C:\Users\Pisklak\.android
2014-05-28 08:10 - 2014-05-28 08:10 - 00000099 _____ () C:\files.log
2014-05-28 08:06 - 2014-05-28 08:11 - 00000079 _____ () C:\folders.log
2014-05-28 08:06 - 2014-05-28 08:11 - 00000000 ____D () C:\zoek
2014-05-28 07:57 - 2014-05-28 08:11 - 00024813 _____ () C:\zoek-results.log
2014-05-28 07:55 - 2014-05-28 08:09 - 00000000 ____D () C:\zoek_backup
2014-05-28 07:55 - 2014-05-28 07:55 - 01285120 _____ () C:\Users\Pisklak\Downloads\zoek.exe
2014-05-28 07:55 - 2014-05-28 07:55 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42U0GZ7FP
2014-05-28 07:43 - 2014-05-28 08:14 - 00001170 _____ () C:\Windows\PFRO.log
2014-05-28 07:43 - 2014-05-28 08:14 - 00000168 _____ () C:\Windows\setupact.log
2014-05-28 07:43 - 2014-05-28 07:43 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-28 07:39 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-28 07:38 - 2014-05-28 07:48 - 00000000 ____D () C:\AdwCleaner
2014-05-28 07:38 - 2014-05-28 07:38 - 01327971 _____ () C:\Users\Pisklak\Downloads\adwcleaner_3.211 (1).exe
2014-05-28 07:38 - 2014-05-28 07:38 - 00003235 _____ () C:\Users\Pisklak\Desktop\JRT.txt
2014-05-28 07:30 - 2014-05-28 07:30 - 01327971 _____ () C:\Users\Pisklak\Downloads\adwcleaner_3.211.exe
2014-05-28 07:29 - 2014-05-28 07:29 - 01016261 _____ (Thisisu) C:\Users\Pisklak\Downloads\JRT (1).exe
2014-05-28 07:29 - 2014-05-28 07:29 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42U0G1XDC
2014-05-28 07:18 - 2014-05-28 07:18 - 00832273 _____ () C:\Users\Pisklak\Downloads\RSITx64 (2).exe
2014-05-28 07:18 - 2014-05-28 07:18 - 00000000 ____D () C:\rsit
2014-05-28 06:48 - 2014-05-28 06:48 - 00000000 ____D () C:\@RestoreQuarantine
2014-05-28 06:46 - 2014-05-28 06:50 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
2014-05-28 06:46 - 2014-05-28 06:48 - 00000000 ____D () C:\Users\Pisklak\Documents\RegRun2
2014-05-28 06:46 - 2014-05-28 06:46 - 00000002 RSHOT () C:\Windows\winstart.bat
2014-05-28 06:46 - 2014-05-28 06:46 - 00000002 RSHOT () C:\Windows\SysWOW64\CONFIG.NT
2014-05-28 06:46 - 2014-05-28 06:46 - 00000002 RSHOT () C:\Windows\SysWOW64\AUTOEXEC.NT
2014-05-28 06:45 - 2014-05-28 06:45 - 15295838 _____ () C:\Users\Pisklak\Downloads\unhackme.zip
2014-05-27 15:20 - 2014-05-27 15:20 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42T0WW12S
2014-05-26 15:24 - 2014-05-26 15:24 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42S0X1GNU
2014-05-23 12:49 - 2014-05-23 12:49 - 00031344 _____ (Connectify) C:\Windows\system32\Drivers\cnnctfy2.sys
2014-05-23 12:49 - 2014-05-23 12:49 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42P0RI7HM
2014-05-23 12:47 - 2014-05-23 12:47 - 04242352 _____ () C:\Users\Pisklak\Downloads\ConnectifyInstaller.exe
2014-05-23 11:16 - 2014-05-23 11:16 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42P0O6DLV
2014-05-22 12:53 - 2014-05-22 12:53 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42O0RMVXP
2014-05-21 12:53 - 2014-05-21 12:53 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42N0RMRV0
2014-05-19 15:26 - 2014-05-19 15:26 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42L0X2UL9
2014-05-19 11:50 - 2014-05-19 11:50 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42L0PDRFU
2014-05-16 15:15 - 2014-05-16 15:15 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42I0WOTXS
2014-05-14 15:21 - 2014-05-14 15:21 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42G0WWKB4
2014-05-14 11:48 - 2014-05-14 11:48 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42G0PAJZJ
2014-05-11 17:01 - 2014-05-11 17:35 - 312579218 _____ () C:\Users\Pisklak\Downloads\Trabantem-Jižní-Amerikou-(2).avi
2014-05-11 15:43 - 2014-05-11 16:18 - 313528320 _____ () C:\Users\Pisklak\Downloads\Trabantem-Jižní-Amerikou-(01).avi
2014-05-10 14:35 - 2014-05-10 14:35 - 00008518 _____ () C:\Users\Pisklak\Downloads\elox001.odt
2014-05-08 19:29 - 2014-05-08 21:09 - 911367668 _____ () C:\Users\Pisklak\Downloads\Habermanův-mlýn---cz-film---C.M.M..avi
2014-05-07 15:18 - 2014-05-07 15:18 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_4290WSK2J
2014-05-07 13:53 - 2014-05-07 13:53 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_4290TRVQW
2014-05-05 20:25 - 2014-05-05 20:25 - 08155792 _____ (GoldWave Inc.) C:\Users\Pisklak\Downloads\gwave570.exe
2014-05-05 20:25 - 2014-05-05 20:25 - 00000744 _____ () C:\Users\Pisklak\Desktop\GoldWave.lnk
2014-05-05 20:25 - 2014-05-05 20:25 - 00000000 ____D () C:\Users\Pisklak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoldWave
2014-05-05 20:25 - 2014-05-05 20:25 - 00000000 ____D () C:\Program Files (x86)\GoldWave
2014-05-05 15:24 - 2014-05-05 15:24 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_4270X0T3C
2014-05-05 11:39 - 2014-05-05 11:39 - 00379904 _____ () C:\Users\Pisklak\Downloads\riskuj.ppt
2014-04-30 15:20 - 2014-04-30 15:20 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_4220WVGUA
2014-04-30 09:15 - 2014-04-30 09:25 - 00264781 _____ () C:\Users\Pisklak\Downloads\domecekaja.rap
2014-04-29 15:21 - 2014-04-29 15:21 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_4210WWPQD

==================== One Month Modified Files and Folders =======

2014-05-29 06:50 - 2013-11-23 09:30 - 00024462 _____ () C:\Users\Pisklak\Downloads\FRST.txt
2014-05-29 06:50 - 2013-11-23 09:30 - 00000000 ____D () C:\FRST
2014-05-29 06:50 - 2012-02-01 15:07 - 00000000 ____D () C:\Users\Pisklak\Documents\Soubory aplikace Outlook
2014-05-29 06:47 - 2014-05-29 06:47 - 02066944 _____ (Farbar) C:\Users\Pisklak\Downloads\FRST64 (2).exe
2014-05-29 06:38 - 2012-02-01 15:28 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2014-05-29 06:34 - 2012-03-02 19:09 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3893927088-911321928-723212318-1000UA.job
2014-05-29 06:34 - 2012-03-02 19:09 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3893927088-911321928-723212318-1000Core.job
2014-05-29 06:34 - 2012-01-25 18:27 - 01512309 _____ () C:\Windows\WindowsUpdate.log
2014-05-28 15:13 - 2014-05-28 15:13 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42U0WM5VL
2014-05-28 14:40 - 2014-05-28 14:40 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42U0VGW43
2014-05-28 12:36 - 2009-07-14 06:45 - 00025040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-28 12:36 - 2009-07-14 06:45 - 00025040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-28 12:27 - 2014-05-28 12:27 - 02066944 _____ (Farbar) C:\Users\Pisklak\Downloads\FRST64 (1).exe
2014-05-28 12:27 - 2014-05-28 12:27 - 00000000 _____ () C:\Users\Pisklak\Downloads\FRSTLauncher.exe
2014-05-28 12:27 - 2014-05-28 12:27 - 00000000 _____ () C:\Users\Pisklak\Desktop\FRSTLauncher.exe
2014-05-28 08:19 - 2010-11-21 11:27 - 00666444 _____ () C:\Windows\system32\perfh005.dat
2014-05-28 08:19 - 2010-11-21 11:27 - 00140108 _____ () C:\Windows\system32\perfc005.dat
2014-05-28 08:19 - 2009-07-14 07:13 - 01576554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-28 08:15 - 2014-03-31 07:50 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\HTC MediaHub
2014-05-28 08:14 - 2014-05-28 08:14 - 00000000 ____D () C:\Users\Pisklak\.android
2014-05-28 08:14 - 2014-05-28 07:43 - 00001170 _____ () C:\Windows\PFRO.log
2014-05-28 08:14 - 2014-05-28 07:43 - 00000168 _____ () C:\Windows\setupact.log
2014-05-28 08:14 - 2012-02-01 13:40 - 00000000 ____D () C:\Users\Pisklak
2014-05-28 08:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-28 08:11 - 2014-05-28 08:06 - 00000079 _____ () C:\folders.log
2014-05-28 08:11 - 2014-05-28 08:06 - 00000000 ____D () C:\zoek
2014-05-28 08:11 - 2014-05-28 07:57 - 00024813 _____ () C:\zoek-results.log
2014-05-28 08:10 - 2014-05-28 08:10 - 00000099 _____ () C:\files.log
2014-05-28 08:09 - 2014-05-28 07:55 - 00000000 ____D () C:\zoek_backup
2014-05-28 07:55 - 2014-05-28 07:55 - 01285120 _____ () C:\Users\Pisklak\Downloads\zoek.exe
2014-05-28 07:55 - 2014-05-28 07:55 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42U0GZ7FP
2014-05-28 07:48 - 2014-05-28 07:38 - 00000000 ____D () C:\AdwCleaner
2014-05-28 07:45 - 2012-01-26 02:25 - 00000000 ____D () C:\ProgramData\Sonic
2014-05-28 07:43 - 2014-05-28 07:43 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-28 07:43 - 2013-06-06 10:45 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-05-28 07:43 - 2009-07-14 07:08 - 00032528 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-28 07:38 - 2014-05-28 07:38 - 01327971 _____ () C:\Users\Pisklak\Downloads\adwcleaner_3.211 (1).exe
2014-05-28 07:38 - 2014-05-28 07:38 - 00003235 _____ () C:\Users\Pisklak\Desktop\JRT.txt
2014-05-28 07:30 - 2014-05-28 07:30 - 01327971 _____ () C:\Users\Pisklak\Downloads\adwcleaner_3.211.exe
2014-05-28 07:29 - 2014-05-28 07:29 - 01016261 _____ (Thisisu) C:\Users\Pisklak\Downloads\JRT (1).exe
2014-05-28 07:29 - 2014-05-28 07:29 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42U0G1XDC
2014-05-28 07:18 - 2014-05-28 07:18 - 00832273 _____ () C:\Users\Pisklak\Downloads\RSITx64 (2).exe
2014-05-28 07:18 - 2014-05-28 07:18 - 00000000 ____D () C:\rsit
2014-05-28 07:18 - 2013-04-12 19:13 - 00000000 ____D () C:\Program Files\trend micro
2014-05-28 06:52 - 2014-04-10 08:04 - 00000000 ____D () C:\Windows\Minidump
2014-05-28 06:52 - 2013-08-07 07:35 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\CrashDumps
2014-05-28 06:50 - 2014-05-28 06:46 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
2014-05-28 06:48 - 2014-05-28 06:48 - 00000000 ____D () C:\@RestoreQuarantine
2014-05-28 06:48 - 2014-05-28 06:46 - 00000000 ____D () C:\Users\Pisklak\Documents\RegRun2
2014-05-28 06:46 - 2014-05-28 06:46 - 00000002 RSHOT () C:\Windows\winstart.bat
2014-05-28 06:46 - 2014-05-28 06:46 - 00000002 RSHOT () C:\Windows\SysWOW64\CONFIG.NT
2014-05-28 06:46 - 2014-05-28 06:46 - 00000002 RSHOT () C:\Windows\SysWOW64\AUTOEXEC.NT
2014-05-28 06:45 - 2014-05-28 06:45 - 15295838 _____ () C:\Users\Pisklak\Downloads\unhackme.zip
2014-05-27 15:20 - 2014-05-27 15:20 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42T0WW12S
2014-05-27 13:16 - 2012-02-02 10:43 - 00000000 ____D () C:\!docasne
2014-05-26 15:24 - 2014-05-26 15:24 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42S0X1GNU
2014-05-24 00:08 - 2012-02-16 10:48 - 00000000 ____D () C:\Users\Pisklak\AppData\Roaming\Skype
2014-05-23 22:58 - 2012-02-16 10:48 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-23 22:58 - 2012-02-16 10:48 - 00000000 ____D () C:\ProgramData\Skype
2014-05-23 12:49 - 2014-05-23 12:49 - 00031344 _____ (Connectify) C:\Windows\system32\Drivers\cnnctfy2.sys
2014-05-23 12:49 - 2014-05-23 12:49 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42P0RI7HM
2014-05-23 12:47 - 2014-05-23 12:47 - 04242352 _____ () C:\Users\Pisklak\Downloads\ConnectifyInstaller.exe
2014-05-23 11:16 - 2014-05-23 11:16 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42P0O6DLV
2014-05-22 12:53 - 2014-05-22 12:53 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42O0RMVXP
2014-05-21 12:53 - 2014-05-21 12:53 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42N0RMRV0
2014-05-21 12:04 - 2012-02-06 12:04 - 00000000 ____D () C:\install
2014-05-19 15:26 - 2014-05-19 15:26 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42L0X2UL9
2014-05-19 11:50 - 2014-05-19 11:50 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42L0PDRFU
2014-05-16 15:15 - 2014-05-16 15:15 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42I0WOTXS
2014-05-14 15:21 - 2014-05-14 15:21 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42G0WWKB4
2014-05-14 11:48 - 2014-05-14 11:48 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42G0PAJZJ
2014-05-11 17:35 - 2014-05-11 17:01 - 312579218 _____ () C:\Users\Pisklak\Downloads\Trabantem-Jižní-Amerikou-(2).avi
2014-05-11 16:18 - 2014-05-11 15:43 - 313528320 _____ () C:\Users\Pisklak\Downloads\Trabantem-Jižní-Amerikou-(01).avi
2014-05-10 14:35 - 2014-05-10 14:35 - 00008518 _____ () C:\Users\Pisklak\Downloads\elox001.odt
2014-05-08 21:09 - 2014-05-08 19:29 - 911367668 _____ () C:\Users\Pisklak\Downloads\Habermanův-mlýn---cz-film---C.M.M..avi
2014-05-07 23:00 - 2012-03-02 19:09 - 00003944 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3893927088-911321928-723212318-1000UA
2014-05-07 23:00 - 2012-03-02 19:09 - 00003548 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3893927088-911321928-723212318-1000Core
2014-05-07 15:26 - 2012-02-01 14:48 - 00000000 ____D () C:\Mirek
2014-05-07 15:18 - 2014-05-07 15:18 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_4290WSK2J
2014-05-07 13:53 - 2014-05-07 13:53 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_4290TRVQW
2014-05-05 21:08 - 2012-10-28 12:58 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2014-05-05 20:49 - 2012-07-24 16:20 - 00059904 _____ () C:\Users\Pisklak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-05 20:25 - 2014-05-05 20:25 - 08155792 _____ (GoldWave Inc.) C:\Users\Pisklak\Downloads\gwave570.exe
2014-05-05 20:25 - 2014-05-05 20:25 - 00000744 _____ () C:\Users\Pisklak\Desktop\GoldWave.lnk
2014-05-05 20:25 - 2014-05-05 20:25 - 00000000 ____D () C:\Users\Pisklak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoldWave
2014-05-05 20:25 - 2014-05-05 20:25 - 00000000 ____D () C:\Program Files (x86)\GoldWave
2014-05-05 15:24 - 2014-05-05 15:24 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_4270X0T3C
2014-05-05 11:39 - 2014-05-05 11:39 - 00379904 _____ () C:\Users\Pisklak\Downloads\riskuj.ppt
2014-05-02 22:36 - 2014-02-17 09:42 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\Room Arranger
2014-04-30 15:20 - 2014-04-30 15:20 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_4220WVGUA
2014-04-30 09:25 - 2014-04-30 09:15 - 00264781 _____ () C:\Users\Pisklak\Downloads\domecekaja.rap
2014-04-29 15:21 - 2014-04-29 15:21 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_4210WWPQD

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-29 06:34

==================== End Of Log ============================

#21 Příspěvek od **vyosek** » 29 kvě 2014 21:45

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-02] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-18] (CyberLink Corp.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [NSU_agent] => C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKU\S-1-5-21-3893927088-911321928-723212318-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-3893927088-911321928-723212318-1000\...\Run: [Google Update] => C:\Users\Pisklak\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-03-02] (Google Inc.)
HKU\S-1-5-21-3893927088-911321928-723212318-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [752736 2012-10-18] (ZONER software)

SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2418} URL = http://dts.search.ask.com/sr?src=ieb&gc ... nrs=AGA&q={searchTerms}
SearchScopes: HKCU - DefaultScope {2517316E-1A11-4511-B5D9-007D8516866A} URL = 

FF NetworkProxy: "autoconfig_url", ""
FF NetworkProxy: "http", ""
FF NetworkProxy: "http_port", ""
FF NetworkProxy: "type", ""
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4\ []

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

R2 QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [191440 2011-10-12] (QIP.ru)
C:\Program Files (x86)\QipGuard

S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]

2014-05-28 15:13 - 2014-05-28 15:13 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42U0WM5VL
2014-05-28 14:40 - 2014-05-28 14:40 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42U0VGW43
2014-05-28 12:27 - 2014-05-28 12:27 - 00000000 _____ () C:\Users\Pisklak\Downloads\FRSTLauncher.exe
2014-05-28 12:27 - 2014-05-28 12:27 - 00000000 _____ () C:\Users\Pisklak\Desktop\FRSTLauncher.exe
014-05-28 08:10 - 2014-05-28 08:10 - 00000099 _____ () C:\files.log
2014-05-28 08:06 - 2014-05-28 08:11 - 00000079 _____ () C:\folders.log
2014-05-28 08:06 - 2014-05-28 08:11 - 00000000 ____D () C:\zoek
2014-05-28 07:57 - 2014-05-28 08:11 - 00024813 _____ () C:\zoek-results.log
2014-05-28 07:55 - 2014-05-28 08:09 - 00000000 ____D () C:\zoek_backup
2014-05-28 07:55 - 2014-05-28 07:55 - 01285120 _____ () C:\Users\Pisklak\Downloads\zoek.exe
2014-05-28 07:55 - 2014-05-28 07:55 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42U0GZ7FP
2014-05-28 07:39 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-28 07:38 - 2014-05-28 07:48 - 00000000 ____D () C:\AdwCleaner
2014-05-28 07:38 - 2014-05-28 07:38 - 01327971 _____ () C:\Users\Pisklak\Downloads\adwcleaner_3.211 (1).exe
2014-05-28 07:38 - 2014-05-28 07:38 - 00003235 _____ () C:\Users\Pisklak\Desktop\JRT.txt
2014-05-28 07:30 - 2014-05-28 07:30 - 01327971 _____ () C:\Users\Pisklak\Downloads\adwcleaner_3.211.exe
2014-05-28 07:29 - 2014-05-28 07:29 - 01016261 _____ (Thisisu) C:\Users\Pisklak\Downloads\JRT (1).exe
2014-05-28 07:29 - 2014-05-28 07:29 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42U0G1XDC
2014-05-28 07:18 - 2014-05-28 07:18 - 00832273 _____ () C:\Users\Pisklak\Downloads\RSITx64 (2).exe
2014-05-28 07:18 - 2014-05-28 07:18 - 00000000 ____D () C:\rsit
2014-05-28 06:48 - 2014-05-28 06:48 - 00000000 ____D () C:\@RestoreQuarantine
2014-05-28 06:46 - 2014-05-28 06:50 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
2014-05-28 06:46 - 2014-05-28 06:46 - 00000002 RSHOT () C:\Windows\winstart.bat

Hosts:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

FanaticosM · #22 Příspěvek od **FanaticosM** » 30 kvě 2014 07:05

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by Pisklak at 2014-05-30 08:05:22 Run:1
Running from C:\Users\Pisklak\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-02] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-18] (CyberLink Corp.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [NSU_agent] => C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKU\S-1-5-21-3893927088-911321928-723212318-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-3893927088-911321928-723212318-1000\...\Run: [Google Update] => C:\Users\Pisklak\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-03-02] (Google Inc.)
HKU\S-1-5-21-3893927088-911321928-723212318-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [752736 2012-10-18] (ZONER software)

SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2418} URL = http://dts.search.ask.com/sr?src=ieb&gc ... nrs=AGA&q={searchTerms}
SearchScopes: HKCU - DefaultScope {2517316E-1A11-4511-B5D9-007D8516866A} URL =

FF NetworkProxy: "autoconfig_url", ""
FF NetworkProxy: "http", ""
FF NetworkProxy: "http_port", ""
FF NetworkProxy: "type", ""
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4\ []

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

R2 QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [191440 2011-10-12] (QIP.ru)
C:\Program Files (x86)\QipGuard

S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]

2014-05-28 15:13 - 2014-05-28 15:13 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42U0WM5VL
2014-05-28 14:40 - 2014-05-28 14:40 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42U0VGW43
2014-05-28 12:27 - 2014-05-28 12:27 - 00000000 _____ () C:\Users\Pisklak\Downloads\FRSTLauncher.exe
2014-05-28 12:27 - 2014-05-28 12:27 - 00000000 _____ () C:\Users\Pisklak\Desktop\FRSTLauncher.exe
014-05-28 08:10 - 2014-05-28 08:10 - 00000099 _____ () C:\files.log
2014-05-28 08:06 - 2014-05-28 08:11 - 00000079 _____ () C:\folders.log
2014-05-28 08:06 - 2014-05-28 08:11 - 00000000 ____D () C:\zoek
2014-05-28 07:57 - 2014-05-28 08:11 - 00024813 _____ () C:\zoek-results.log
2014-05-28 07:55 - 2014-05-28 08:09 - 00000000 ____D () C:\zoek_backup
2014-05-28 07:55 - 2014-05-28 07:55 - 01285120 _____ () C:\Users\Pisklak\Downloads\zoek.exe
2014-05-28 07:55 - 2014-05-28 07:55 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42U0GZ7FP
2014-05-28 07:39 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-28 07:38 - 2014-05-28 07:48 - 00000000 ____D () C:\AdwCleaner
2014-05-28 07:38 - 2014-05-28 07:38 - 01327971 _____ () C:\Users\Pisklak\Downloads\adwcleaner_3.211 (1).exe
2014-05-28 07:38 - 2014-05-28 07:38 - 00003235 _____ () C:\Users\Pisklak\Desktop\JRT.txt
2014-05-28 07:30 - 2014-05-28 07:30 - 01327971 _____ () C:\Users\Pisklak\Downloads\adwcleaner_3.211.exe
2014-05-28 07:29 - 2014-05-28 07:29 - 01016261 _____ (Thisisu) C:\Users\Pisklak\Downloads\JRT (1).exe
2014-05-28 07:29 - 2014-05-28 07:29 - 00000000 ____D () C:\Users\Pisklak\AppData\Local\TEMP_42U0G1XDC
2014-05-28 07:18 - 2014-05-28 07:18 - 00832273 _____ () C:\Users\Pisklak\Downloads\RSITx64 (2).exe
2014-05-28 07:18 - 2014-05-28 07:18 - 00000000 ____D () C:\rsit
2014-05-28 06:48 - 2014-05-28 06:48 - 00000000 ____D () C:\@RestoreQuarantine
2014-05-28 06:46 - 2014-05-28 06:50 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
2014-05-28 06:46 - 2014-05-28 06:46 - 00000002 RSHOT () C:\Windows\winstart.bat

Hosts:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorShield => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdater => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl9 => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PDVD9LanguageShortcut => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NSU_agent => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS4ServiceManager => Value deleted successfully.
HKU\S-1-5-21-3893927088-911321928-723212318-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Xvid => Value deleted successfully.
HKU\S-1-5-21-3893927088-911321928-723212318-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKU\S-1-5-21-3893927088-911321928-723212318-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2418} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2418} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
C:\Program Files (x86)\AVG\AVG2012\Firefox4\ => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => Moved successfully.
QipGuard => Service stopped successfully.
QipGuard => Service deleted successfully.
C:\Program Files (x86)\QipGuard => Moved successfully.
catchme => Service deleted successfully.
Partizan => Service deleted successfully.
C:\Users\Pisklak\AppData\Local\TEMP_42U0WM5VL => Moved successfully.
C:\Users\Pisklak\AppData\Local\TEMP_42U0VGW43 => Moved successfully.
C:\Users\Pisklak\Downloads\FRSTLauncher.exe => Moved successfully.
"C:\Users\Pisklak\Desktop\FRSTLauncher.exe" => File/Directory not found.
C:\folders.log => Moved successfully.
C:\zoek => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Pisklak\Downloads\zoek.exe => Moved successfully.
C:\Users\Pisklak\AppData\Local\TEMP_42U0GZ7FP => Moved successfully.
C:\Windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Pisklak\Downloads\adwcleaner_3.211 (1).exe => Moved successfully.
C:\Users\Pisklak\Desktop\JRT.txt => Moved successfully.
C:\Users\Pisklak\Downloads\adwcleaner_3.211.exe => Moved successfully.
C:\Users\Pisklak\Downloads\JRT (1).exe => Moved successfully.
C:\Users\Pisklak\AppData\Local\TEMP_42U0G1XDC => Moved successfully.
C:\Users\Pisklak\Downloads\RSITx64 (2).exe => Moved successfully.
C:\rsit => Moved successfully.
C:\@RestoreQuarantine => Moved successfully.
C:\Program Files (x86)\UnHackMe => Moved successfully.
C:\Windows\winstart.bat => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

#23 Příspěvek od **vyosek** » 30 kvě 2014 10:25

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

FanaticosM · #24 Příspěvek od **FanaticosM** » 30 kvě 2014 13:07

děkuji moc za Vaši péči !! byl jste skvělý !!!!

#25 Příspěvek od **vyosek** » 30 kvě 2014 13:17

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

setupdatamngr_koyote

Re: setupdatamngr_koyote

Re: setupdatamngr_koyote

Re: setupdatamngr_koyote

Re: setupdatamngr_koyote

Re: setupdatamngr_koyote

Re: setupdatamngr_koyote

Re: setupdatamngr_koyote

Re: setupdatamngr_koyote

Re: setupdatamngr_koyote

Re: setupdatamngr_koyote