Search protect

[nevimnonick]

Zdravim, chtel bych se zeptat jak se mohu zbavit tohoto smejdu pravdepodobne? Je to nejspise nejaky "doplnek" do prohlizece, no vyskakovali mi okna nevyzadane (ale addblock to blokoval) pak mi tam jeste psal neco na vsech strankach, neco o aplikaci,celkem dlouhe.. no operu jsem preinstaloval a uz to tu neni, ale stale mam tu ikonu zde.. nejde na to kliknout pravym tl. mysi ani to neni v ovladacich panelech, abych to mohl odinstalovat. Jsem totiz instaloval divx a tam to bylo, jenze ty svine tam kam jsem klikl, tak tam udelali prazdne okenko a na to druhe dali fajfku, jakoze to je zaskrtnute, takze sem nevedel co plati.. no zaclo se to instalovat a nejake cerne okynko mi vyskocilo chvilkove, no tak sem to hned vypnul, protoze to neznemena nic dobreho, takze to mam asi nekde v registrech, vedel by nekdo co s tim? Na internetu co jsem hledal, tak me to naslo jiny searchprotect, no a tam byli rady jako ovladaci panely a odinstalovat,atp no to mi nejde ze

Zde je prinstscreen te ikony, na kterou kdyz kliknu levy tlacitkem, tak mi jen vyjede nejaky vyber na nastaveni domovske stranky.. :/ Terminator,avira nenasli nic..

http://prntscr.com/44opdt

[vyosek]

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[nevimnonick]

Ok diky, ta ikona tu uz neni po projeti adwcleaner.. ten JRT jsem zkousel jeste pred tim nez jsem sem napsal, neco to smazalo myslim, ale nevim, intaloval jsem vic programu..

# AdwCleaner v3.216 - Report created 21/07/2014 at 15:56:28
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Michal - MICHAL-PC
# Running from : C:\Users\Michal\Desktop\adwcleaner_3.216.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : IePluginServices
Service Deleted : nethfdrv
Service Deleted : ServiceUpdater

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Users\Michal\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Michal\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Michal\AppData\Roaming\webssearches
Folder Deleted : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdihkdldaicijakhchgojcokhpamkibi
File Deleted : C:\Windows\SysWOW64\hfpapi.dll
File Deleted : C:\Windows\SysWOW64\installd.exe
File Deleted : C:\Windows\SysWOW64\netupdsrv.exe
File Deleted : C:\Windows\System32\drivers\nethfdrv.sys
File Deleted : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
File Deleted : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
File Deleted : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
File Deleted : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
File Deleted : C:\Windows\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-1.job
File Deleted : C:\Windows\System32\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-1
File Deleted : C:\Windows\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-10.job
File Deleted : C:\Windows\System32\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-10
File Deleted : C:\Windows\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-11.job
File Deleted : C:\Windows\System32\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-11
File Deleted : C:\Windows\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-2.job
File Deleted : C:\Windows\System32\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-2
File Deleted : C:\Windows\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-3.job
File Deleted : C:\Windows\System32\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-3
File Deleted : C:\Windows\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-4.job
File Deleted : C:\Windows\System32\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-4
File Deleted : C:\Windows\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-5.job
File Deleted : C:\Windows\System32\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-5
File Deleted : C:\Windows\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-5_user.job
File Deleted : C:\Windows\System32\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-5_user
File Deleted : C:\Windows\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-6.job
File Deleted : C:\Windows\System32\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-6
File Deleted : C:\Windows\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-7.job
File Deleted : C:\Windows\System32\Tasks\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-7

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Opera 12.13 1734.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 12.13 1734.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\iVIDI Plugin
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\GlobalUpdate
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\SupDp
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\supWindowsMangerProtect
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\webssearchesSoftware
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : [x64] HKLM\SOFTWARE\installedbrowserextensions

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1405878063&from=amt&uid=ST500DM002-1BD142_Z2AR6LQ8XXXXZ2AR6LQ8&q={searchTerms}
Deleted [Startup_urls] : hxxp://istart.webssearches.com/?type=hp&ts=1405878063&from=amt&uid=ST500DM002-1BD142_Z2AR6LQ8XXXXZ2AR6LQ8
Deleted [Homepage] : hxxp://istart.webssearches.com/?type=hp&ts=1405878063&from=amt&uid=ST500DM002-1BD142_Z2AR6LQ8XXXXZ2AR6LQ8
Deleted [Extension] : cdihkdldaicijakhchgojcokhpamkibi

*************************

AdwCleaner[R0].txt - [10659 octets] - [21/07/2014 15:55:59]
AdwCleaner[S0].txt - [8249 octets] - [21/07/2014 15:56:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8309 octets] ##########








~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Michal on po 21.07.2014 at 15:49:52,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 21.07.2014 at 15:54:24,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[vyosek]

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[nevimnonick]

Spustit me to neslo, hodilo me to nejakou chybnou hlasku + avira to detekovala jako vir, tak neslo by to bez toho? Nejake vetsi cisteni tu netreba myslim, no akorat ta ikonka me stvala no, nebo tu mam nejaky zavazny bordel?

[vyosek]

Mate tam hooodne bordelu

Aviru docasne vypnete

Dejte log z FRST http://forum.viry.cz/viewtopic.php?f=24&t=132509

[nevimnonick]

No ok, tak nejprv jsem udelal ten FRST a potom zoek, asi sem to mel udelat v opacnem poradi, ale snad to nevadi Jinak zmizla mi ikona aviry z skrytych ikon, jak ji tam mohu dostat zpet?:/

Jinak co jsem se trochu dival do tech logu, tak tam je furt firefox a google, ja pritom pouzivam jen operu, nekdy dve verze oper.. o te tam nic neni, opera to je ten firefox, nebo na operu se prdi?:D

Jinak kdyztak mi rikejte co muzu mazat, nejak se mi tu ty programy hromadi uz Mam tu ted ten JRT, adcleaner, zoek, frst..

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by Michal (administrator) on MICHAL-PC on 22-07-2014 14:00:53
Running from C:\Users\Michal\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Gintaras Didzgalvis) C:\Program Files (x86)\Quick Macros 2\qmserv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe
() C:\Users\Michal\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
() C:\Users\Michal\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70_0\opera.exe
() C:\Program Files (x86)\Opera\22.0.1471.70_0\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70_0\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70_0\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70_0\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70_0\opera.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70_0\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70_0\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70_0\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70_0\opera.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => KHALMNPR.EXE
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777296 2012-09-07] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3681688 2014-05-13] (Crawler.com)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-19] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [189520 2014-07-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Michal\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Run: [GarenaPlus] => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\MountPoints2: {92033f84-3247-11e3-b485-c860006e8f76} - E:\Autorun.exe
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\MountPoints2: {e90032b1-2cc3-11e3-89d6-806e6f6e6963} - D:\Bin\assetup.exe
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk
ShortcutTarget: SetPointII.lnk -> C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {033B2AE0-99C9-4998-B5BD-98B580087C93} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {133780E0-202A-4A4D-960C-67E980624C9B} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKCU - {5A3FCFBB-D7AC-40A0-8247-7BC1218257BC} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKCU - {8F63A84A-3D19-4788-A1D2-D0EFC598A5CF} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {95EF32ED-DC6A-4B4B-A59D-9AC5B5EC4D9A} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKCU - {96DE3221-5E5A-41C7-ADB4-8F71410AF7B7} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {A74BF605-B366-447C-B32A-BB032307E59D} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKCU - {F7F9D533-3E72-417B-A4CD-6435FDF2B8B9} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Michal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchKeyword: webssearches
CHR DefaultNewTabURL:
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdihkdldaicijakhchgojcokhpamkibi [2014-07-20]
CHR Extension: (Avira Browser Safety) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-07-21]
CHR Extension: (Peněženka Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-07] (Avira Operations GmbH & Co. KG)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-07-18] (Hi-Rez Studios) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-02-25] ()
R2 quickmacros2; C:\Program Files (x86)\Quick Macros 2\qmserv.exe [60800 2014-02-05] (Gintaras Didzgalvis)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1148664 2012-09-07] (Crawler.com)
S2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-01-05] (Disc Soft Ltd)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
S3 qmphook; C:\Program Files (x86)\Quick Macros 2\x64\qmphook.sys [16072 2013-01-29] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-07-21] (Windows (R) Win 7 DDK provider)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-11-02] (Anchorfree Inc.)
S1 HssDRV6; system32\DRIVERS\hssdrv6.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-22 14:00 - 2014-07-22 14:01 - 00015693 _____ () C:\Users\Michal\Desktop\FRST.txt
2014-07-22 14:00 - 2014-07-22 14:00 - 00000000 ____D () C:\FRST
2014-07-22 13:59 - 2014-07-22 13:59 - 02090496 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2014-07-21 16:51 - 2014-07-21 16:51 - 00000903 _____ () C:\Users\Michal\Desktop\TESV.lnk
2014-07-21 15:56 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-21 15:55 - 2014-07-21 15:56 - 00000000 ____D () C:\AdwCleaner
2014-07-21 15:55 - 2014-07-21 15:55 - 01354223 _____ () C:\Users\Michal\Desktop\adwcleaner_3.216.exe
2014-07-21 15:54 - 2014-07-21 15:54 - 00000632 _____ () C:\Users\Michal\Desktop\JRT.txt
2014-07-21 15:49 - 2014-07-21 15:49 - 01016261 _____ (Thisisu) C:\Users\Michal\Desktop\JRT.exe
2014-07-21 01:05 - 2014-07-22 12:55 - 00003830 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1405897538
2014-07-21 01:05 - 2014-07-21 01:05 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-07-21 01:02 - 2014-07-21 01:03 - 27641968 _____ (Opera Software ASA) C:\Users\Michal\Downloads\Opera_22.0.1471.70_Setup.exe
2014-07-21 00:51 - 2014-07-21 16:00 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-07-21 00:51 - 2014-07-21 00:57 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-07-21 00:51 - 2014-07-21 00:51 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-07-21 00:51 - 2014-07-21 00:51 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Spyware Terminator
2014-07-21 00:51 - 2014-07-21 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-07-20 23:43 - 2014-07-20 23:43 - 04130384 _____ (PC Tools) C:\Users\Michal\Downloads\sdsetup.exe
2014-07-20 23:29 - 2014-07-20 23:29 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Avira
2014-07-20 23:28 - 2014-07-02 13:06 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-20 23:28 - 2014-07-02 13:06 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-20 23:28 - 2014-07-02 13:06 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-20 23:25 - 2014-07-20 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-20 23:25 - 2014-07-20 23:28 - 00000000 ____D () C:\ProgramData\Avira
2014-07-20 23:25 - 2014-07-20 23:28 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-20 23:25 - 2014-07-20 23:25 - 04621032 _____ (Avira Operations GmbH & Co. KG) C:\Users\Michal\Downloads\avira_en_av___ws2.exe
2014-07-20 23:22 - 2014-07-20 23:22 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2014-07-20 23:22 - 2014-07-20 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG - Antivirus. Internet security 2013 (x86X64) - Pln verze + serial key
2014-07-20 23:22 - 2013-12-10 00:30 - 10236928 ____S () C:\Windows\SysWOW64\acumncvqfl.exe
2014-07-20 23:22 - 2013-10-26 20:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-07-20 23:22 - 2013-10-26 20:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmncvqfl.exe
2014-07-20 23:22 - 2013-10-26 20:30 - 00538126 ____S () C:\Windows\SysWOW64\libcurl-4.dll
2014-07-20 23:22 - 2013-10-26 20:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-07-20 23:22 - 2013-10-26 20:30 - 00192512 ____S () C:\Windows\SysWOW64\libidn-11.dll
2014-07-20 23:22 - 2013-10-26 20:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\SysWOW64\libssh2.dll
2014-07-20 23:22 - 2013-10-26 20:30 - 00133632 ____S () C:\Windows\SysWOW64\librtmp.dll
2014-07-20 23:22 - 2013-10-26 20:30 - 00044727 ____S () C:\Windows\SysWOW64\diablo130302.cl
2014-07-20 23:22 - 2013-10-26 20:30 - 00043810 ____S () C:\Windows\SysWOW64\poclbm130302.cl
2014-07-20 23:22 - 2013-10-26 20:30 - 00030802 ____S () C:\Windows\SysWOW64\diakgcn121016.cl
2014-07-20 23:22 - 2013-10-26 20:30 - 00023825 ____S () C:\Windows\SysWOW64\scrypt130511.cl
2014-07-20 23:22 - 2013-10-26 20:30 - 00013062 ____S () C:\Windows\SysWOW64\phatk121016.cl
2014-07-20 23:22 - 2013-07-18 16:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmncvqfl.exe
2014-07-20 23:22 - 2013-06-12 15:15 - 00119888 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadGC2.dll
2014-07-20 23:22 - 2013-06-12 15:15 - 00100864 ____S () C:\Windows\SysWOW64\zlib1.dll
2014-07-20 23:22 - 2012-09-25 23:46 - 00472424 ____S (NVIDIA Corporation) C:\Windows\SysWOW64\cudart32_50_35.dll
2014-07-20 23:22 - 2012-05-27 01:36 - 00055808 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadVC2.dll
2014-07-20 23:20 - 2014-07-20 23:20 - 04978376 _____ (Crawler.com ) C:\Users\Michal\Downloads\SpywareTerminatorSetup.exe
2014-07-20 23:18 - 2014-07-20 23:18 - 00000687 _____ () C:\awh8C6.tmp
2014-07-20 23:12 - 2014-07-20 23:12 - 00000000 ____D () C:\WINSSLog
2014-07-20 22:57 - 2014-07-20 22:57 - 00000000 _____ () C:\autoexec.bat
2014-07-20 22:56 - 2014-07-20 23:10 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-20 22:56 - 2014-07-20 22:56 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-20 22:46 - 2014-07-20 22:46 - 00000000 ____D () C:\Windows\ERUNT
2014-07-20 19:59 - 2014-07-20 19:59 - 00000687 _____ () C:\awhFD80.tmp
2014-07-20 19:58 - 2014-07-20 19:58 - 00000752 _____ () C:\Users\Michal\Desktop\lol.lnk
2014-07-20 19:50 - 2014-07-20 19:50 - 00000687 _____ () C:\awhFA84.tmp
2014-07-20 19:47 - 2014-07-20 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-20 19:47 - 2014-07-20 19:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-20 19:46 - 2014-07-21 00:50 - 00000000 ____D () C:\Program Files (x86)\HD-V1.9
2014-07-20 19:46 - 2014-07-20 19:46 - 00000000 ____D () C:\Users\Michal\AppData\Local\13957
2014-07-20 19:44 - 2014-07-22 12:49 - 00000504 _____ () C:\Windows\setupact.log
2014-07-20 19:44 - 2014-07-21 15:57 - 00134182 _____ () C:\Windows\PFRO.log
2014-07-20 19:44 - 2014-07-20 19:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-20 19:40 - 2014-07-20 19:40 - 00000000 ____D () C:\Users\Michal\AppData\Local\12729
2014-07-19 09:58 - 2014-07-19 09:58 - 00000003 _____ () C:\Windows\system32\HRUPPROG.EXIT
2014-07-16 20:31 - 2014-07-16 20:31 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-10 22:58 - 2014-07-10 22:58 - 00000000 ____D () C:\ProgramData\Age of Empires 3
2014-07-10 22:58 - 2014-07-10 22:58 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-07-10 22:44 - 2014-07-10 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age Of Empires 3 CZ
2014-07-10 22:38 - 2014-07-10 22:44 - 00000000 ____D () C:\Program Files (x86)\Age Of Empires 3
2014-07-10 20:52 - 2014-07-10 20:52 - 00001916 _____ () C:\Users\Public\Desktop\Heroes of Might and Magic II.lnk
2014-07-10 20:52 - 2014-07-10 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic II
2014-07-10 20:52 - 2014-07-10 20:52 - 00000000 ____D () C:\Program Files (x86)\Heroes II
2014-07-10 20:52 - 2010-07-27 21:49 - 206567384 _____ () C:\Users\Michal\Desktop\Heroes2-CZ-Setup.exe
2014-06-29 21:09 - 2014-06-30 01:40 - 00000000 ____D () C:\Users\Michal\Desktop\screeny
2014-06-29 21:08 - 2014-06-30 00:56 - 00000058 _____ () C:\Users\Michal\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2014-06-29 21:08 - 2014-06-29 21:08 - 00000000 ____D () C:\Users\Michal\Documents\DonationCoder
2014-06-29 21:08 - 2014-06-29 21:08 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\DonationCoder
2014-06-29 21:08 - 2014-06-29 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenshotCaptor
2014-06-29 21:08 - 2014-06-29 21:08 - 00000000 ____D () C:\ProgramData\DonationCoder
2014-06-29 21:08 - 2014-06-29 21:08 - 00000000 ____D () C:\Program Files (x86)\ScreenshotCaptor

==================== One Month Modified Files and Folders =======

2014-07-22 14:01 - 2014-07-22 14:00 - 00015693 _____ () C:\Users\Michal\Desktop\FRST.txt
2014-07-22 14:00 - 2014-07-22 14:00 - 00000000 ____D () C:\FRST
2014-07-22 13:59 - 2014-07-22 13:59 - 02090496 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2014-07-22 13:13 - 2013-10-04 09:33 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-22 13:08 - 2013-10-17 21:11 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-22 12:57 - 2013-10-11 10:49 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Seznam.cz
2014-07-22 12:57 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-22 12:57 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-22 12:55 - 2014-07-21 01:05 - 00003830 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1405897538
2014-07-22 12:55 - 2013-10-17 21:09 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-07-22 12:54 - 2011-04-12 10:34 - 00676832 _____ () C:\Windows\system32\perfh005.dat
2014-07-22 12:54 - 2011-04-12 10:34 - 00145750 _____ () C:\Windows\system32\perfc005.dat
2014-07-22 12:54 - 2009-07-14 07:13 - 01609294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-22 12:53 - 2013-11-11 22:54 - 01478592 _____ () C:\Windows\WindowsUpdate.log
2014-07-22 12:52 - 2013-10-04 09:33 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-22 12:49 - 2014-07-20 19:44 - 00000504 _____ () C:\Windows\setupact.log
2014-07-22 12:49 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-22 04:09 - 2013-10-04 11:04 - 00000000 ____D () C:\Users\Michal\Desktop\Stažené
2014-07-22 03:02 - 2013-10-08 12:11 - 00000000 ____D () C:\Users\Michal\AppData\Local\PMB Files
2014-07-22 03:02 - 2013-10-08 12:11 - 00000000 ____D () C:\ProgramData\PMB Files
2014-07-21 16:51 - 2014-07-21 16:51 - 00000903 _____ () C:\Users\Michal\Desktop\TESV.lnk
2014-07-21 16:51 - 2014-02-13 18:06 - 00000000 ____D () C:\TSEV Skyrim LE
2014-07-21 16:00 - 2014-07-21 00:51 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-07-21 15:57 - 2014-07-20 19:44 - 00134182 _____ () C:\Windows\PFRO.log
2014-07-21 15:56 - 2014-07-21 15:55 - 00000000 ____D () C:\AdwCleaner
2014-07-21 15:56 - 2014-06-13 17:00 - 00000979 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 12.13 1734.lnk
2014-07-21 15:56 - 2014-06-13 17:00 - 00000967 _____ () C:\Users\Public\Desktop\Opera 12.13 1734.lnk
2014-07-21 15:56 - 2013-10-04 09:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-21 15:56 - 2013-10-04 09:17 - 00000971 _____ () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-21 15:55 - 2014-07-21 15:55 - 01354223 _____ () C:\Users\Michal\Desktop\adwcleaner_3.216.exe
2014-07-21 15:54 - 2014-07-21 15:54 - 00000632 _____ () C:\Users\Michal\Desktop\JRT.txt
2014-07-21 15:49 - 2014-07-21 15:49 - 01016261 _____ (Thisisu) C:\Users\Michal\Desktop\JRT.exe
2014-07-21 01:05 - 2014-07-21 01:05 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-07-21 01:05 - 2013-10-17 21:09 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Opera Software
2014-07-21 01:05 - 2013-10-17 21:09 - 00000000 ____D () C:\Users\Michal\AppData\Local\Opera Software
2014-07-21 01:03 - 2014-07-21 01:02 - 27641968 _____ (Opera Software ASA) C:\Users\Michal\Downloads\Opera_22.0.1471.70_Setup.exe
2014-07-21 00:57 - 2014-07-21 00:51 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-07-21 00:51 - 2014-07-21 00:51 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-07-21 00:51 - 2014-07-21 00:51 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Spyware Terminator
2014-07-21 00:51 - 2014-07-21 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-07-21 00:50 - 2014-07-20 19:46 - 00000000 ____D () C:\Program Files (x86)\HD-V1.9
2014-07-21 00:49 - 2014-03-06 05:47 - 00000000 ____D () C:\Program Files (x86)\South Park The Stick of Truth
2014-07-20 23:43 - 2014-07-20 23:43 - 04130384 _____ (PC Tools) C:\Users\Michal\Downloads\sdsetup.exe
2014-07-20 23:29 - 2014-07-20 23:29 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Avira
2014-07-20 23:28 - 2014-07-20 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-20 23:28 - 2014-07-20 23:25 - 00000000 ____D () C:\ProgramData\Avira
2014-07-20 23:28 - 2014-07-20 23:25 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-20 23:27 - 2013-10-04 10:05 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-07-20 23:25 - 2014-07-20 23:25 - 04621032 _____ (Avira Operations GmbH & Co. KG) C:\Users\Michal\Downloads\avira_en_av___ws2.exe
2014-07-20 23:25 - 2013-10-06 18:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-20 23:23 - 2013-10-04 11:04 - 00000000 ____D () C:\Users\Michal\Desktop\Extrah
2014-07-20 23:22 - 2014-07-20 23:22 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2014-07-20 23:22 - 2014-07-20 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG - Antivirus. Internet security 2013 (x86X64) - Pln verze + serial key
2014-07-20 23:20 - 2014-07-20 23:20 - 04978376 _____ (Crawler.com ) C:\Users\Michal\Downloads\SpywareTerminatorSetup.exe
2014-07-20 23:18 - 2014-07-20 23:18 - 00000687 _____ () C:\awh8C6.tmp
2014-07-20 23:12 - 2014-07-20 23:12 - 00000000 ____D () C:\WINSSLog
2014-07-20 23:11 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-20 23:10 - 2014-07-20 22:56 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-20 22:57 - 2014-07-20 22:57 - 00000000 _____ () C:\autoexec.bat
2014-07-20 22:56 - 2014-07-20 22:56 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-20 22:52 - 2009-07-14 07:08 - 00032602 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-20 22:46 - 2014-07-20 22:46 - 00000000 ____D () C:\Windows\ERUNT
2014-07-20 19:59 - 2014-07-20 19:59 - 00000687 _____ () C:\awhFD80.tmp
2014-07-20 19:58 - 2014-07-20 19:58 - 00000752 _____ () C:\Users\Michal\Desktop\lol.lnk
2014-07-20 19:51 - 2014-01-31 23:31 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-07-20 19:51 - 2014-01-31 23:30 - 00000000 ____D () C:\ProgramData\DivX
2014-07-20 19:50 - 2014-07-20 19:50 - 00000687 _____ () C:\awhFA84.tmp
2014-07-20 19:50 - 2014-01-31 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-07-20 19:50 - 2014-01-31 23:32 - 00000000 ____D () C:\Program Files\DivX
2014-07-20 19:47 - 2014-07-20 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-20 19:47 - 2014-07-20 19:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-20 19:46 - 2014-07-20 19:46 - 00000000 ____D () C:\Users\Michal\AppData\Local\13957
2014-07-20 19:44 - 2014-07-20 19:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-20 19:40 - 2014-07-20 19:40 - 00000000 ____D () C:\Users\Michal\AppData\Local\12729
2014-07-20 18:21 - 2013-12-28 17:18 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\uTorrent
2014-07-20 18:21 - 2013-10-12 14:40 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-20 18:21 - 2013-10-11 10:48 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
2014-07-20 18:20 - 2013-10-06 07:15 - 00000000 ____D () C:\Users\Michal\AppData\Local\Ubisoft Game Launcher
2014-07-19 09:58 - 2014-07-19 09:58 - 00000003 _____ () C:\Windows\system32\HRUPPROG.EXIT
2014-07-19 09:58 - 2014-03-01 10:41 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT
2014-07-16 20:31 - 2014-07-16 20:31 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-14 14:50 - 2013-12-12 21:38 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Skype
2014-07-10 22:58 - 2014-07-10 22:58 - 00000000 ____D () C:\ProgramData\Age of Empires 3
2014-07-10 22:58 - 2014-07-10 22:58 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-07-10 22:58 - 2013-10-04 13:21 - 00000000 ____D () C:\Users\Michal\Documents\My Games
2014-07-10 22:46 - 2013-10-04 16:03 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-07-10 22:44 - 2014-07-10 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age Of Empires 3 CZ
2014-07-10 22:44 - 2014-07-10 22:38 - 00000000 ____D () C:\Program Files (x86)\Age Of Empires 3
2014-07-10 20:52 - 2014-07-10 20:52 - 00001916 _____ () C:\Users\Public\Desktop\Heroes of Might and Magic II.lnk
2014-07-10 20:52 - 2014-07-10 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic II
2014-07-10 20:52 - 2014-07-10 20:52 - 00000000 ____D () C:\Program Files (x86)\Heroes II
2014-07-10 20:48 - 2013-10-06 07:15 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Might & Magic Heroes VI
2014-07-10 02:37 - 2014-06-06 07:42 - 00007101 _____ () C:\Users\Michal\Desktop\pala predmety.txt
2014-07-09 20:22 - 2013-10-17 21:11 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 20:22 - 2013-10-17 21:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 20:22 - 2013-10-17 21:11 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-07 10:29 - 2014-05-29 22:59 - 00000000 ____D () C:\Users\Michal\Documents\My QM
2014-07-05 05:49 - 2013-10-05 17:31 - 00000000 ____D () C:\Users\Michal\Desktop\FreeRapid-0.9u2
2014-07-03 00:47 - 2014-05-29 23:49 - 00427436 _____ () C:\Users\Michal\Desktop\kmeny.txt
2014-07-02 13:06 - 2014-07-20 23:28 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-02 13:06 - 2014-07-20 23:28 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-02 13:06 - 2014-07-20 23:28 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-06-30 02:29 - 2014-06-07 00:17 - 00003015 _____ () C:\Users\Michal\Desktop\Nový textový dokument (2).txt
2014-06-30 01:40 - 2014-06-29 21:09 - 00000000 ____D () C:\Users\Michal\Desktop\screeny
2014-06-30 00:56 - 2014-06-29 21:08 - 00000058 _____ () C:\Users\Michal\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2014-06-29 21:08 - 2014-06-29 21:08 - 00000000 ____D () C:\Users\Michal\Documents\DonationCoder
2014-06-29 21:08 - 2014-06-29 21:08 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\DonationCoder
2014-06-29 21:08 - 2014-06-29 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenshotCaptor
2014-06-29 21:08 - 2014-06-29 21:08 - 00000000 ____D () C:\ProgramData\DonationCoder
2014-06-29 21:08 - 2014-06-29 21:08 - 00000000 ____D () C:\Program Files (x86)\ScreenshotCaptor
2014-06-26 14:31 - 2013-11-22 15:25 - 00000000 ____D () C:\Users\Michal\Desktop\Hudba
2014-06-25 17:36 - 2014-06-14 10:58 - 00000000 ____D () C:\Users\Michal\Desktop\Warcraft III

Files to move or delete:
====================
C:\Users\Michal\AppData\Roaming\msconfig.ini


Some content of TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\amt_webssearches.exe
C:\Users\Michal\AppData\Local\Temp\avgnt.exe
C:\Users\Michal\AppData\Local\Temp\DivX.Web.Player.Installer__8420_il9134.exe
C:\Users\Michal\AppData\Local\Temp\Quarantine.exe
C:\Users\Michal\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-20 22:22

==================== End Of Log ============================










Zoek.exe v5.0.0.0 Updated 19-07-2014
Tool run by Michal on Łt 22.07.2014 at 14:04:29,34.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Michal\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22.7.2014 14:05:31 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WindowsMangerProtect deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Opera\shell\open\command]
@="C:\\Program Files (x86)\\Opera\\Opera.exe"

==== Deleting Files \ Folders ======================

C:\PROGRA~2\COMMON~1\Config\uninstinethnfd.exe deleted
C:\PROGRA~2\COMMON~1\Config deleted
C:\awh8C6.tmp deleted
C:\awhFA84.tmp deleted
C:\awhFD80.tmp deleted
C:\Users\Michal\AppData\Roaming\msconfig.ini deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Hotspot Shield deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Michal\Searches deleted
"C:\Windows\Installer\99f8b.msi" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]


==== Chrome Fix ======================

C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{033B2AE0-99C9-4998-B5BD-98B580087C93} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE10SR"
{133780E0-202A-4A4D-960C-67E980624C9B} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415"
{5A3FCFBB-D7AC-40A0-8247-7BC1218257BC} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_13415"
{8F63A84A-3D19-4788-A1D2-D0EFC598A5CF} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_13415"
{95EF32ED-DC6A-4B4B-A59D-9AC5B5EC4D9A} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_13415"
{96DE3221-5E5A-41C7-ADB4-8F71410AF7B7} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"
{A74BF605-B366-447C-B32A-BB032307E59D} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_13415"
{F7F9D533-3E72-417B-A4CD-6435FDF2B8B9} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"

==== Reset Google Chrome ======================

C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iLivid deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:5cc80ce8bdce19a8030b6cb754b67b82 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Michal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Michal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=172 folders=48 25568840 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Michal\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Michal\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Łt 22.07.2014 at 14:13:29,72 ======================

[nevimnonick]

Halo, nezapomelo se tu na me?:)

[vyosek]

Odinstalujte Spyware Terminator

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777296 2012-09-07] (Crawler.com)
  HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3681688 2014-05-13] (Crawler.com)
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
  HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
  HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
  HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
  HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
  HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
  HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Michal\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
  HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
  HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Run: [GarenaPlus] => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
  HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
  HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\MountPoints2: {92033f84-3247-11e3-b485-c860006e8f76} - E:\Autorun.exe
  HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\MountPoints2: {e90032b1-2cc3-11e3-89d6-806e6f6e6963} - D:\Bin\assetup.exe
  HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
  
  SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
  SearchScopes: HKLM-x32 - DefaultScope value is missing.
  
  CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdihkdldaicijakhchgojcokhpamkibi [2014-07-20]
  CHR Extension: (Avira Browser Safety) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-07-21]
  
  S2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service [X]
  C:\ProgramData\WindowsMangerProtect
  
  2014-07-21 15:56 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
  2014-07-21 15:55 - 2014-07-21 15:56 - 00000000 ____D () C:\AdwCleaner
  2014-07-21 15:55 - 2014-07-21 15:55 - 01354223 _____ () C:\Users\Michal\Desktop\adwcleaner_3.216.exe
  2014-07-21 15:54 - 2014-07-21 15:54 - 00000632 _____ () C:\Users\Michal\Desktop\JRT.txt
  2014-07-21 15:49 - 2014-07-21 15:49 - 01016261 _____ (Thisisu) C:\Users\Michal\Desktop\JRT.exe
  2014-07-21 00:51 - 2014-07-21 16:00 - 00000000 ____D () C:\ProgramData\Spyware Terminator
  2014-07-21 00:51 - 2014-07-21 00:57 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
  2014-07-21 00:51 - 2014-07-21 00:51 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Spyware Terminator
  2014-07-21 00:51 - 2014-07-21 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
  2014-07-20 23:43 - 2014-07-20 23:43 - 04130384 _____ (PC Tools) C:\Users\Michal\Downloads\sdsetup.exe
  2014-07-20 23:22 - 2013-12-10 00:30 - 10236928 ____S () C:\Windows\SysWOW64\acumncvqfl.exe
  2014-07-20 23:22 - 2013-10-26 20:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
  2014-07-20 23:22 - 2013-10-26 20:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmncvqfl.exe
  2014-07-20 23:22 - 2013-10-26 20:30 - 00538126 ____S () C:\Windows\SysWOW64\libcurl-4.dll
  2014-07-20 23:22 - 2013-10-26 20:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
  2014-07-20 23:22 - 2013-10-26 20:30 - 00192512 ____S () C:\Windows\SysWOW64\libidn-11.dll
  2014-07-20 23:22 - 2013-10-26 20:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\SysWOW64\libssh2.dll
  2014-07-20 23:22 - 2013-10-26 20:30 - 00133632 ____S () C:\Windows\SysWOW64\librtmp.dll
  2014-07-20 23:22 - 2013-10-26 20:30 - 00044727 ____S () C:\Windows\SysWOW64\diablo130302.cl
  2014-07-20 23:22 - 2013-10-26 20:30 - 00043810 ____S () C:\Windows\SysWOW64\poclbm130302.cl
  2014-07-20 23:22 - 2013-10-26 20:30 - 00030802 ____S () C:\Windows\SysWOW64\diakgcn121016.cl
  2014-07-20 23:22 - 2013-10-26 20:30 - 00023825 ____S () C:\Windows\SysWOW64\scrypt130511.cl
  2014-07-20 23:22 - 2013-10-26 20:30 - 00013062 ____S () C:\Windows\SysWOW64\phatk121016.cl
  2014-07-20 23:22 - 2013-07-18 16:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmncvqfl.exe
  2014-07-20 23:20 - 2014-07-20 23:20 - 04978376 _____ (Crawler.com ) C:\Users\Michal\Downloads\SpywareTerminatorSetup.exe
  2014-07-20 23:18 - 2014-07-20 23:18 - 00000687 _____ () C:\awh8C6.tmp
  2014-07-20 22:56 - 2014-07-20 22:56 - 00000000 ____D () C:\Program Files\Enigma Software Group
  C:\Users\Michal\AppData\Roaming\msconfig.ini
  
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[nevimnonick]

Proc ten spyware odinstalovat by to blokoval? Ho zas nainstaluju ano?

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-07-2014 01
Ran by Michal at 2014-07-25 15:12:45 Run:1
Running from C:\Users\Michal\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777296 2012-09-07] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3681688 2014-05-13] (Crawler.com)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Michal\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Run: [GarenaPlus] => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\MountPoints2: {92033f84-3247-11e3-b485-c860006e8f76} - E:\Autorun.exe
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\MountPoints2: {e90032b1-2cc3-11e3-89d6-806e6f6e6963} - D:\Bin\assetup.exe
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.

CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdihkdldaicijakhchgojcokhpamkibi [2014-07-20]
CHR Extension: (Avira Browser Safety) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-07-21]

S2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service [X]
C:\ProgramData\WindowsMangerProtect

2014-07-21 15:56 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-21 15:55 - 2014-07-21 15:56 - 00000000 ____D () C:\AdwCleaner
2014-07-21 15:55 - 2014-07-21 15:55 - 01354223 _____ () C:\Users\Michal\Desktop\adwcleaner_3.216.exe
2014-07-21 15:54 - 2014-07-21 15:54 - 00000632 _____ () C:\Users\Michal\Desktop\JRT.txt
2014-07-21 15:49 - 2014-07-21 15:49 - 01016261 _____ (Thisisu) C:\Users\Michal\Desktop\JRT.exe
2014-07-21 00:51 - 2014-07-21 16:00 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-07-21 00:51 - 2014-07-21 00:57 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-07-21 00:51 - 2014-07-21 00:51 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Spyware Terminator
2014-07-21 00:51 - 2014-07-21 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-07-20 23:43 - 2014-07-20 23:43 - 04130384 _____ (PC Tools) C:\Users\Michal\Downloads\sdsetup.exe
2014-07-20 23:22 - 2013-12-10 00:30 - 10236928 ____S () C:\Windows\SysWOW64\acumncvqfl.exe
2014-07-20 23:22 - 2013-10-26 20:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-07-20 23:22 - 2013-10-26 20:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmncvqfl.exe
2014-07-20 23:22 - 2013-10-26 20:30 - 00538126 ____S () C:\Windows\SysWOW64\libcurl-4.dll
2014-07-20 23:22 - 2013-10-26 20:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-07-20 23:22 - 2013-10-26 20:30 - 00192512 ____S () C:\Windows\SysWOW64\libidn-11.dll
2014-07-20 23:22 - 2013-10-26 20:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\SysWOW64\libssh2.dll
2014-07-20 23:22 - 2013-10-26 20:30 - 00133632 ____S () C:\Windows\SysWOW64\librtmp.dll
2014-07-20 23:22 - 2013-10-26 20:30 - 00044727 ____S () C:\Windows\SysWOW64\diablo130302.cl
2014-07-20 23:22 - 2013-10-26 20:30 - 00043810 ____S () C:\Windows\SysWOW64\poclbm130302.cl
2014-07-20 23:22 - 2013-10-26 20:30 - 00030802 ____S () C:\Windows\SysWOW64\diakgcn121016.cl
2014-07-20 23:22 - 2013-10-26 20:30 - 00023825 ____S () C:\Windows\SysWOW64\scrypt130511.cl
2014-07-20 23:22 - 2013-10-26 20:30 - 00013062 ____S () C:\Windows\SysWOW64\phatk121016.cl
2014-07-20 23:22 - 2013-07-18 16:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmncvqfl.exe
2014-07-20 23:20 - 2014-07-20 23:20 - 04978376 _____ (Crawler.com ) C:\Users\Michal\Downloads\SpywareTerminatorSetup.exe
2014-07-20 23:18 - 2014-07-20 23:18 - 00000687 _____ () C:\awh8C6.tmp
2014-07-20 22:56 - 2014-07-20 22:56 - 00000000 ____D () C:\Program Files\Enigma Software Group
C:\Users\Michal\AppData\Roaming\msconfig.ini

Reboot:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorShield => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdater => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DivXMediaServer => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) => Value not found.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) => Value not found.
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GarenaPlus => value deleted successfully.
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
"HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{92033f84-3247-11e3-b485-c860006e8f76}" => Key deleted successfully.
"HKCR\CLSID\{92033f84-3247-11e3-b485-c860006e8f76}" => Key not found.
"HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e90032b1-2cc3-11e3-89d6-806e6f6e6963}" => Key deleted successfully.
"HKCR\CLSID\{e90032b1-2cc3-11e3-89d6-806e6f6e6963}" => Key not found.
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdihkdldaicijakhchgojcokhpamkibi => Moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk directory not found.
WindowsMangerProtect => Service not found.
"C:\ProgramData\WindowsMangerProtect" => File/Directory not found.
C:\Windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Michal\Desktop\adwcleaner_3.216.exe => Moved successfully.
C:\Users\Michal\Desktop\JRT.txt => Moved successfully.
C:\Users\Michal\Desktop\JRT.exe => Moved successfully.
"C:\ProgramData\Spyware Terminator" => File/Directory not found.
"C:\Program Files (x86)\Spyware Terminator" => File/Directory not found.
"C:\Users\Michal\AppData\Roaming\Spyware Terminator" => File/Directory not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012" => File/Directory not found.
C:\Users\Michal\Downloads\sdsetup.exe => Moved successfully.
C:\Windows\SysWOW64\acumncvqfl.exe => Moved successfully.
C:\Windows\SysWOW64\libeay32.dll => Moved successfully.
C:\Windows\SysWOW64\dcgmncvqfl.exe => Moved successfully.
C:\Windows\SysWOW64\libcurl-4.dll => Moved successfully.
C:\Windows\SysWOW64\ssleay32.dll => Moved successfully.
C:\Windows\SysWOW64\libidn-11.dll => Moved successfully.
C:\Windows\SysWOW64\libssh2.dll => Moved successfully.
C:\Windows\SysWOW64\librtmp.dll => Moved successfully.
C:\Windows\SysWOW64\diablo130302.cl => Moved successfully.
C:\Windows\SysWOW64\poclbm130302.cl => Moved successfully.
C:\Windows\SysWOW64\diakgcn121016.cl => Moved successfully.
C:\Windows\SysWOW64\scrypt130511.cl => Moved successfully.
C:\Windows\SysWOW64\phatk121016.cl => Moved successfully.
C:\Windows\SysWOW64\lcpmncvqfl.exe => Moved successfully.
C:\Users\Michal\Downloads\SpywareTerminatorSetup.exe => Moved successfully.
"C:\awh8C6.tmp" => File/Directory not found.
C:\Program Files\Enigma Software Group => Moved successfully.
"C:\Users\Michal\AppData\Roaming\msconfig.ini" => File/Directory not found.


The system needed a reboot.

==== End of Fixlog ====

[vyosek]

Spyware Terminator ma uz davno nejlepší leta za sebou a poslední tri roky jiz není co byval...

Jak se chova jinak PC???

[nevimnonick]

No ironie je, ze jsem ho nainstaloval prave kvuli vasemu doporuceni na techto strankach
http://forum.viry.cz/viewtopic.php?f=29&t=6152

No PC v pohode no, trochu rychlejsi je.. ale ja to moc nemam jak poznat.. ale dekuji za cas no, hlavne ze ten smejd z browseru je pryc

Jinak co jineho by jste mohl doporucit teda kdyz ne terminator? A mel bych nainstalovat jeste neco? Kdyztak jen free programy Mam tu jen aviru ted..

Jinak Zoek a FRST muzu odinstalovat normalnim zpusobem?

[vyosek]

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Na obcasny sken muzete pouzit MBAM http://forum.viry.cz/viewtopic.php?f=29&t=137928

A pokud nejsou problemy ci dotazy, je to z me strany vse

[nevimnonick]

Dobra, tak jo dekuju.. myslim ze z me strany to je take vse

[vyosek]

Nemate zac, rad jsem pomohl Zase nekdy

A na zaklade Pravidla o zamykani temat