Ahoj
posielam ten súbor
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-11-2014
Ran by Zigulo at 2014-11-02 12:57:14 Run:1
Running from C:\Users\Zigulo\Desktop\Nový priečinok
Loaded Profile: Zigulo (Available profiles: Zigulo)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Google\Google Toolbar
c:\Program Files (x86)\Skype\Toolbars
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - No File
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
FF Plugin: @microsoft.com/GENUINE -> disabled No File
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Zigulo\AppData\Local\Temp
End
*****************
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
C:\Program Files (x86)\Google\Google Toolbar => Moved successfully.
c:\Program Files (x86)\Skype\Toolbars => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\wia" => Key deleted successfully.
"HKCR\CLSID\{13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE}" => Key not found.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c" => Key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
"C:\Users\Zigulo\AppData\Local\Temp" directory move:
C:\Users\Zigulo\AppData\Local\Temp\ACIS.ac$ => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\ChlpekNov+íky-RD- Rez n+ívrh_1_1_2233.bak => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\CSOFQ.exe => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\dat8557.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\dat8567.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\dat8578.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\dat8588.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\DIO2CA4.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\DIO715F.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Donate.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\EULA.txt => Moved successfully.
Could not move "C:\Users\Zigulo\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Zigulo\AppData\Local\Temp\gst6E4E.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\gst6E6E.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\gst8E4C.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\gst8E6D.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\gst9724.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\gstA47F.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\gstA490.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\gstB66C.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\hpqddusr.log => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Kucka PSP_1_1_1654.bak => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Kucka PSP_1_1_2871.bak => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Kucka PSP_1_1_3176.bak => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Kucka PSP_1_1_4014.bak => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Kucka PSP_1_1_8424.bak => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\LCFOR.exe => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MAR3320.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MAR33BD.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MAR34A6.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MAR35DF.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MAR4E2E.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MAR4F48.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MAR7731.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MAR77A0.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MAR958A.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MAR9646.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MAR9693.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MAR9A6B.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARA0E0.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARA238.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARA5EF.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARA728.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARA968.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARAB7B.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARB328.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARB3E3.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARB461.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARB5A8.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARB691.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARB76D.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARB8A5.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARB912.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARD71C.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARD893.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARD9E9.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARDAC5.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARE0AD.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARE179.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MAREFCA.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARF0B5.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARF5E2.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MARF71B.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MpSigStub.log => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\MTYCQH.exe => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\NHKAVWC.exe => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\RedboxLog.txt => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\REDO.ac$ => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\UNDO.ac$ => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\utt37B4.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\utt37B7.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\utt4B34.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\utt4B83.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\utt4B85.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\ws_Crypto_20141031_0.log => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\ws_Crypto_20141101_0.log => Moved successfully.
Could not move "C:\Users\Zigulo\AppData\Local\Temp\ws_Crypto_20141102_0.log" => Scheduled to move on reboot.
C:\Users\Zigulo\AppData\Local\Temp\{19D8AE8E-9537-45B1-9509-4A1A154C1E45}.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\{2B2AFFCE-B340-4A84-874F-0620BEAA5644}.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\{5D460AA0-4861-43A2-B93E-9D045F5CD66A}.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\{D4844515-443F-4606-A5FA-2383D7A78883}.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\~206E.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\~41FF.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\~753.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\~7B37.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\~DF09863BE2E3A68E10.TMP => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\~DFB720CFC27BAC282F.TMP => Moved successfully.
Could not move "C:\Users\Zigulo\AppData\Local\Temp\Skype\DbTemp\temp-8R0dyLTq6OtFjFoHtmpvNjci" => Scheduled to move on reboot.
Could not move "C:\Users\Zigulo\AppData\Local\Temp\Skype\DbTemp\temp-LcJiCHTcgZ7TGr8bV82YM2KF" => Scheduled to move on reboot.
C:\Users\Zigulo\AppData\Local\Temp\Rar$EXa0.290\IceSword122en\Cooperator.zip => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Rar$EXa0.290\IceSword122en\FileReg.chm => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Rar$EXa0.290\IceSword122en\FileReg.icp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Rar$EXa0.290\IceSword122en\IceSword.chm => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Rar$EXa0.290\IceSword122en\IceSword.exe => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Rar$EXa0.290\IceSword122en\readme.txt => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Rar$EXa0.269\gmer.exe => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Low\dat1AF.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Low\dat1EE.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Low\dat20F.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\HP Support Framework\HPSF_Config1.dll => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\adv14F6.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\adv1F3.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\adv60E4.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\adv7F3D.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\adv84B9.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\adv8526.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\adv8A06.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\adv924.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\adv9896.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\advB65.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\advCA7F.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\advDF47.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\advDF56.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\advEBD4.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\advEC51.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\advF3C0.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\tmp36BE.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\tmp7510.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\tmpB7A.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\tmpF22C.tmp => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{FFAAB8F8-1B8C-474F-9FEA-9B84EAA2D311}\desktop.ini => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{FFAAB8F8-1B8C-474F-9FEA-9B84EAA2D311}\packet.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{FFAAB8F8-1B8C-474F-9FEA-9B84EAA2D311}\_FRBatch.pac => Moved successfully.
Could not move "C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{FFAAB8F8-1B8C-474F-9FEA-9B84EAA2D311}\{29FFBE3C-E3DD-43BB-82E1-5FDC611CB4F1}.loc" => Scheduled to move on reboot.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{DB2AEEAE-245F-4846-894A-7E3AD3B846F1}\desktop.ini => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{DB2AEEAE-245F-4846-894A-7E3AD3B846F1}\packet.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{DB2AEEAE-245F-4846-894A-7E3AD3B846F1}\_FRBatch.pac => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{DB2AEEAE-245F-4846-894A-7E3AD3B846F1}\{A990AFC1-EC2D-4637-92FE-B88720D97964}.loc => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{9D3C73CD-2734-412D-A2A4-0FFE3911D506}\desktop.ini => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{9D3C73CD-2734-412D-A2A4-0FFE3911D506}\packet.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{9D3C73CD-2734-412D-A2A4-0FFE3911D506}\_FRBatch.pac => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{9D3C73CD-2734-412D-A2A4-0FFE3911D506}\{014EB0EC-280F-4B0A-B116-D0CE6135A382}.loc => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{8CE09F2F-DC27-441C-8E9E-F9706DB3F661}\desktop.ini => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{8CE09F2F-DC27-441C-8E9E-F9706DB3F661}\packet.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{8CE09F2F-DC27-441C-8E9E-F9706DB3F661}\_FRBatch.pac => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{8CE09F2F-DC27-441C-8E9E-F9706DB3F661}\{70CFEE64-44E3-4F56-9CB2-8C64273788C9}.loc => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{8A69E39E-1607-443E-8079-56413751E351}\desktop.ini => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{8A69E39E-1607-443E-8079-56413751E351}\packet.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{8A69E39E-1607-443E-8079-56413751E351}\_FRBatch.pac => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{8A69E39E-1607-443E-8079-56413751E351}\{C70EAF12-7481-4AC1-AF0B-164B21A441B5}.loc => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{81E7F7D6-CEE7-48DC-999A-D30D5F5FE4C7}\desktop.ini => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{81E7F7D6-CEE7-48DC-999A-D30D5F5FE4C7}\packet.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{81E7F7D6-CEE7-48DC-999A-D30D5F5FE4C7}\_FRBatch.pac => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{81E7F7D6-CEE7-48DC-999A-D30D5F5FE4C7}\{2287BF24-66D7-4F4C-B788-1306AF1D4DC5}.loc => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{81874800-910F-4A4A-B6A4-E3434D4B1C62}\desktop.ini => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{81874800-910F-4A4A-B6A4-E3434D4B1C62}\packet.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{81874800-910F-4A4A-B6A4-E3434D4B1C62}\_FRBatch.pac => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{81874800-910F-4A4A-B6A4-E3434D4B1C62}\{5A44D837-993F-4769-BB5A-CE128FD72843}.loc => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{76C800BE-EE9F-4221-BD84-697049E3428C}\desktop.ini => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{76C800BE-EE9F-4221-BD84-697049E3428C}\packet.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{76C800BE-EE9F-4221-BD84-697049E3428C}\_FRBatch.pac => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{76C800BE-EE9F-4221-BD84-697049E3428C}\{D2F3318D-0B85-4096-9DBE-EEF5DE510530}.loc => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{75EB11B7-3B72-4FA2-AEE8-2D39EDF014D7}\desktop.ini => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{75EB11B7-3B72-4FA2-AEE8-2D39EDF014D7}\packet.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{75EB11B7-3B72-4FA2-AEE8-2D39EDF014D7}\_FRBatch.pac => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{75EB11B7-3B72-4FA2-AEE8-2D39EDF014D7}\{EFDD572D-9EF1-40CB-8ED3-F5310E95E971}.loc => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{7333A7EC-4AB2-4FEF-965A-B2A46041672F}\desktop.ini => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{7333A7EC-4AB2-4FEF-965A-B2A46041672F}\packet.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{7333A7EC-4AB2-4FEF-965A-B2A46041672F}\_FRBatch.pac => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{7333A7EC-4AB2-4FEF-965A-B2A46041672F}\{1C120C89-1A71-4E31-96D1-50DD190B1CE1}.loc => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{72238540-C8C9-41C9-9946-8C72F1BF6FB1}\desktop.ini => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{72238540-C8C9-41C9-9946-8C72F1BF6FB1}\packet.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{72238540-C8C9-41C9-9946-8C72F1BF6FB1}\_FRBatch.pac => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{72238540-C8C9-41C9-9946-8C72F1BF6FB1}\{DB98CB01-84C7-4D85-B695-BD6709D025CB}.loc => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{66BFF20C-CCB1-40C9-A891-9E33F898DFCD}\desktop.ini => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{66BFF20C-CCB1-40C9-A891-9E33F898DFCD}\packet.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{66BFF20C-CCB1-40C9-A891-9E33F898DFCD}\_FRBatch.pac => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{66BFF20C-CCB1-40C9-A891-9E33F898DFCD}\{CBA54659-DF07-40A7-AA40-00588312A247}.loc => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{65038B21-9276-4FB8-96A1-F299AD11C12C}\desktop.ini => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{65038B21-9276-4FB8-96A1-F299AD11C12C}\packet.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{65038B21-9276-4FB8-96A1-F299AD11C12C}\_FRBatch.pac => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{65038B21-9276-4FB8-96A1-F299AD11C12C}\{CA680906-1A1B-4A15-8619-E9BD6FB08839}.loc => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{100E1EB8-23D9-4D0B-9839-5D108E8F1A93}\desktop.ini => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{100E1EB8-23D9-4D0B-9839-5D108E8F1A93}\packet.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{100E1EB8-23D9-4D0B-9839-5D108E8F1A93}\_FRBatch.pac => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{100E1EB8-23D9-4D0B-9839-5D108E8F1A93}\{23C51FDC-6816-4ADC-BBB7-159C04C2BD08}.loc => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{08785F4F-AFD2-491C-88AA-E9BCD8D71B62}\desktop.ini => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{08785F4F-AFD2-491C-88AA-E9BCD8D71B62}\packet.ico => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{08785F4F-AFD2-491C-88AA-E9BCD8D71B62}\_FRBatch.pac => Moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{08785F4F-AFD2-491C-88AA-E9BCD8D71B62}\{D598E31D-94FA-4E82-B3D4-4F50E09C51A5}.loc => Moved successfully.
Could not move "C:\Users\Zigulo\AppData\Local\Temp" directory. => Scheduled to move on reboot.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-11-02 13:00:17)<=
C:\Users\Zigulo\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\ws_Crypto_20141102_0.log => Is moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Skype\DbTemp\temp-8R0dyLTq6OtFjFoHtmpvNjci => Is moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Skype\DbTemp\temp-LcJiCHTcgZ7TGr8bV82YM2KF => Is moved successfully.
C:\Users\Zigulo\AppData\Local\Temp\Fine.SSR11\SSR_{FFAAB8F8-1B8C-474F-9FEA-9B84EAA2D311}\{29FFBE3C-E3DD-43BB-82E1-5FDC611CB4F1}.loc => Is moved successfully.
C:\Users\Zigulo\AppData\Local\Temp => Moved successfully.
==== End of Fixlog ====
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Po reštarte PC sú vírusy späť
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119548
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Po reštarte PC sú vírusy späť
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Po reštarte PC sú vírusy späť
Ahoj
Vyzerá to tak že vírusy sa už nevracajú ani anivirák nič nesignalizuje. Ale pri spúšťaní jedného programu sa objavuje okno na inštaláciu programu, ktorý s ním vôbec nesúvisí nikdy predtým sa mi to v tejto súvislosti neobjavovalo. Ten program fičí cez HW kľúč žeby bolo niečo aj v ňom???? Vždy klikám nie potom ešte raz nie potom to prestane. Keď program spustím znova tak sa opakuje to isté. Aby to nebol zasa nejaký vírus. Ale neviem či mi s tým vieš pomôcť. Inak ostatné veci ako som už spomínal idú dobre. Ďakujem moc si mi pomohol
Vyzerá to tak že vírusy sa už nevracajú ani anivirák nič nesignalizuje. Ale pri spúšťaní jedného programu sa objavuje okno na inštaláciu programu, ktorý s ním vôbec nesúvisí nikdy predtým sa mi to v tejto súvislosti neobjavovalo. Ten program fičí cez HW kľúč žeby bolo niečo aj v ňom???? Vždy klikám nie potom ešte raz nie potom to prestane. Keď program spustím znova tak sa opakuje to isté. Aby to nebol zasa nejaký vírus. Ale neviem či mi s tým vieš pomôcť. Inak ostatné veci ako som už spomínal idú dobre. Ďakujem moc si mi pomohol
-
Rudy
- Site Admin
- Příspěvky: 119548
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Po reštarte PC sú vírusy späť
Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Po reštarte PC sú vírusy späť
Ahoj Rudy
Toto je program o ktorom som hovoril
C:\windows\installer\7e4b3a.msi
stále chce vykonávať zmeny v mojom PC, ale len keď používam spomínaný program cez HW kľúč. Dokonca aj keď z neho chcem tlačiť tak sa to objavuje. Nevieš zistiť čo to je a či to nie je nejaký vírus? Díky.
Toto je program o ktorom som hovoril
C:\windows\installer\7e4b3a.msi
stále chce vykonávať zmeny v mojom PC, ale len keď používam spomínaný program cez HW kľúč. Dokonca aj keď z neho chcem tlačiť tak sa to objavuje. Nevieš zistiť čo to je a či to nie je nejaký vírus? Díky.
-
Rudy
- Site Admin
- Příspěvky: 119548
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Po reštarte PC sú vírusy späť
A co je to za program? Toto jen jeho instal. soubor. Pokud je to něco regulérního, budete se muset obrátit na jeho tech.podporu.zigulo píše:C:\windows\installer\7e4b3a.msi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Po reštarte PC sú vírusy späť
Ahoj
Neviem čo je to za program a hlavne nesúvisí s tým programom ktorý otváram. Dnes sa mi stalo že som ho nevedel ani otvoriť lebo pri jeho spúšťaní sa mi tam chcel otvoriť C:\updateflashplayer_23756cB4.exe, ktorý keď som odklikol nie tak sa okno otvorilo znova a znova a dokola až som to musel reštartovať a antivir zachytil nové vírusy. Takže si myslí že tam ešte niečo zostalo.
Čo robiť??
Neviem čo je to za program a hlavne nesúvisí s tým programom ktorý otváram. Dnes sa mi stalo že som ho nevedel ani otvoriť lebo pri jeho spúšťaní sa mi tam chcel otvoriť C:\updateflashplayer_23756cB4.exe, ktorý keď som odklikol nie tak sa okno otvorilo znova a znova a dokola až som to musel reštartovať a antivir zachytil nové vírusy. Takže si myslí že tam ešte niečo zostalo.
Čo robiť??
Re: Po reštarte PC sú vírusy späť
antivir našiel PSW:win32/zbot.gen!AP
-
Rudy
- Site Admin
- Příspěvky: 119548
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Po reštarte PC sú vírusy späť
Soubor C:\updateflashplayer_23756cB4.exe smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?