VIRY.CZ

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
KLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-08-19] (Spotify Ltd)
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\...\Run: [GoogleUpdate] => C:\Users\vymys_000\AppData\Roaming\FrameworkUpdate\GoogleUpdate.exe [120320 2015-02-21] ()
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\...\Run: [ByteCodeGenerator] => C:\Users\vymys_000\AppData\Roaming\Microsoft\Windows\IEUpdate\ByteCodeGenerator.exe [290304 2014-03-20] (©Wyebugur)
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\...\Policies\Explorer: [Run] "C:\Users\vymys_000\AppData\Roaming\Microsoft\Windows\IEUpdate\ByteCodeGenerator.exe"
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\...\MountPoints2: {3260ed9e-a4a0-11e4-8265-f8a963e3c17c} - "E:\.autorun\autorun.exe"
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\...\Command Processor: "C:\Users\vymys_000\AppData\Roaming\Microsoft\Windows\IEUpdate\ByteCodeGenerator.exe" <===== ATTENTION!
Startup: C:\Users\vymys_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ByteCodeGenerator.lnk

HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{8578a0a3-3c79-441a-b171-d3e1e18c23fe} <======= ATTENTION (Policy Restriction on IP)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1421617813&from=kmp&uid=WDCXWD10JPVX-22JC3T0_WD-WX41E34NY757NY757", "hxxp://istart.webssearches.com/?type=hppp&ts=1421617891&from=kmp&uid=WDCXWD10JPVX-22JC3T0_WD-WX41E34NY757NY757"
CHR Extension: (MyFunCards) - C:\Users\vymys_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pehdhibmkmcipbeahabjgfhgngojeace [2015-01-13]

R4 edevmon; system32\DRIVERS\edevmon.sys [X]
R4 ehdrv; \SystemRoot\system32\DRIVERS\ehdrv.sys [X]

C:\Users\vymys_000\AppData\Roaming\Microsoft\Windows\IEUpdate
2015-02-26 23:40 - 2015-02-26 23:41 - 00025509 _____ () C:\Users\vymys_000\Desktop\FRST.txt
2015-02-26 22:53 - 2015-02-26 22:54 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\vymys_000\Desktop\spybot-2.4.exe
2015-02-26 22:47 - 2015-02-26 22:47 - 02383648 _____ (Reason Company Software Inc.) C:\Users\vymys_000\Desktop\herdProtectScan_Portable.exe
2015-02-26 22:45 - 2015-02-26 22:45 - 12961620 _____ () C:\Users\vymys_000\Desktop\mbar-1.01.0.1009.zip
2015-02-26 22:20 - 2015-02-26 22:20 - 04579184 _____ (AVG Technologies) C:\Users\vymys_000\Desktop\avg_free_stb_eu_2015_5315.exe
2015-02-26 22:04 - 2015-02-26 22:04 - 00243456 _____ () C:\Users\vymys_000\Desktop\Firefox Setup Stub 36.0.exe
2015-02-26 21:51 - 2015-02-26 21:51 - 04862664 _____ (AVAST Software) C:\Users\vymys_000\Downloads\avast_free_antivirus_setup_online.exe
2015-02-26 21:51 - 2015-02-26 21:51 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-26 21:08 - 2015-02-26 21:08 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-02-26 12:02 - 2015-02-26 20:47 - 00003660 _____ () C:\Windows\System32\Tasks\ByteCodeGenerator
2015-02-26 10:50 - 2015-02-25 17:04 - 00000367 _____ () C:\zoek-results2015-02-25-160425.log
2015-02-25 17:04 - 2015-02-25 13:54 - 00001482 _____ () C:\zoek-results2015-02-25-125459.log
2015-02-25 13:51 - 2015-02-26 10:50 - 00001218 _____ () C:\zoek-results.log
2015-02-25 13:48 - 2015-02-26 10:54 - 00001205 _____ () C:\runcheck.txt
2015-02-25 13:47 - 2015-02-25 13:47 - 01304576 _____ () C:\Users\vymys_000\Desktop\zoek.exe
2015-02-25 13:47 - 2015-02-25 13:47 - 00000000 ____D () C:\zoek_backup
2015-02-25 13:45 - 2015-02-26 20:54 - 00003190 _____ () C:\Windows\PFRO.log
2015-02-25 13:45 - 2015-02-26 20:54 - 00000580 _____ () C:\Windows\setupact.log
2015-02-25 13:45 - 2015-02-25 13:45 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-25 12:22 - 2015-02-25 13:42 - 00000000 ____D () C:\AdwCleaner
2015-02-23 19:58 - 2015-02-23 19:58 - 00709564 _____ () C:\Users\vymys_000\Downloads\delfix_10.8 (1).exe
2015-02-23 19:58 - 2015-02-23 19:58 - 00000404 _____ () C:\DelFix.txt
2015-02-23 13:15 - 2015-02-23 13:16 - 00000000 ____D () C:\Program Files\trend micro
2015-02-22 18:30 - 2015-02-22 18:35 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-22 18:30 - 2015-02-22 18:30 - 00000000 ____D () C:\Users\vymys_000\AppData\Local\MFAData
2015-02-22 18:30 - 2015-02-22 18:30 - 00000000 ____D () C:\Users\vymys_000\AppData\Local\Avg2015
2015-02-22 18:29 - 2015-02-22 18:29 - 04579184 _____ (AVG Technologies) C:\Users\vymys_000\Downloads\avg_free_stb_eu_2015_5315.exe
2015-02-22 18:25 - 2015-02-22 18:24 - 00801792 _____ () C:\Users\vymys_000\AppData\Roaming\317kUO.exe
2015-02-22 17:01 - 2015-02-22 17:02 - 24743106 _____ () C:\Users\vymys_000\Downloads\vlc-2.1.5-win32.exe
2015-02-22 17:01 - 2015-02-22 17:01 - 35907256 _____ (PandoraTV) C:\Users\vymys_000\Downloads\3.9.1.133_20150210101242.exe
2015-02-21 20:17 - 2015-02-21 20:17 - 00000292 _____ () C:\Users\vymys_000\Downloads\HELP_DECRYPT.URL
2015-02-21 12:06 - 2015-02-21 12:06 - 00000292 _____ () C:\Users\vymys_000\Documents\HELP_DECRYPT.URL
2015-02-21 12:03 - 2015-02-21 12:03 - 00000292 _____ () C:\Users\vymys_000\AppData\Roaming\HELP_DECRYPT.URL
2015-02-21 12:03 - 2015-02-21 12:03 - 00000292 _____ () C:\Users\vymys_000\AppData\Local\HELP_DECRYPT.URL
2015-02-21 12:03 - 2015-02-21 12:03 - 00000292 _____ () C:\Users\vymys_000\AppData\HELP_DECRYPT.URL
2015-02-21 12:01 - 2015-02-21 12:01 - 00000292 _____ () C:\Users\Public\HELP_DECRYPT.URL
2015-02-21 12:00 - 2015-02-21 12:00 - 00000292 _____ () C:\ProgramData\HELP_DECRYPT.URL
2015-02-20 14:01 - 2015-02-20 14:02 - 03248480 _____ () C:\Users\vymys_000\Downloads\Office 2010 (Toolkit and EZ-Activator) 2.0.1 Final.rar
2015-02-20 11:29 - 2015-02-20 11:29 - 00003608 _____ () C:\Windows\System32\Tasks\help
2015-02-19 19:37 - 2015-02-26 10:37 - 00000000 ____D () C:\Users\vymys_000\AppData\Local\Ahwkworks
2015-02-19 19:37 - 2015-02-26 10:35 - 00000000 ____D () C:\Users\vymys_000\AppData\Local\Ovwics
2015-02-21 12:03 - 2015-02-21 12:03 - 0045885 _____ () C:\Users\vymys_000\AppData\Roaming\HELP_DECRYPT.PNG
2015-02-21 12:03 - 2015-02-21 12:03 - 0000292 _____ () C:\Users\vymys_000\AppData\Roaming\HELP_DECRYPT.URL
2015-02-21 11:33 - 2015-02-21 11:33 - 0000480 ____H () C:\Users\vymys_000\AppData\Roaming\麽鎒駓覜
2015-02-21 12:03 - 2015-02-21 12:03 - 0045885 _____ () C:\Users\vymys_000\AppData\Local\HELP_DECRYPT.PNG
2015-02-21 12:03 - 2015-02-21 12:03 - 0000292 _____ () C:\Users\vymys_000\AppData\Local\HELP_DECRYPT.URL
2015-01-14 19:50 - 2015-01-14 19:50 - 0000003 _____ () C:\Users\vymys_000\AppData\Local\updater.log
2015-01-14 19:50 - 2015-01-14 19:50 - 0000425 _____ () C:\Users\vymys_000\AppData\Local\UserProducts.xml
2015-02-21 11:33 - 2015-02-26 20:57 - 0000696 _____ () C:\ProgramData\@system.temp
2015-02-21 11:33 - 2015-02-26 20:58 - 0000432 ____H () C:\ProgramData\@system3.att
2014-08-19 11:42 - 2014-08-19 11:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-02-21 12:00 - 2015-02-21 12:00 - 0045885 _____ () C:\ProgramData\HELP_DECRYPT.PNG
2015-02-21 12:00 - 2015-02-21 12:00 - 0000292 _____ () C:\ProgramData\HELP_DECRYPT.URL
C:\Windows\AutoKMS

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {624FD245-A5C1-4642-816C-421A9AE43F4A} - System32\Tasks\WerFault => C:\Users\vymys_000\AppData\Roaming\Microsoft\Windows\IEUpdate\WerFault.exe [2014-03-20] (©Wyebugur)

Hosts:
EmptyTemp:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Posílám log

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-02-2015 01
Ran by vymys_000 at 2015-02-27 00:42:34 Run:1
Running from C:\Users\vymys_000\Desktop
Loaded Profiles: vymys_000 (Available profiles: vymys_000)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
KLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-08-19] (Spotify Ltd)
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\...\Run: [GoogleUpdate] => C:\Users\vymys_000\AppData\Roaming\FrameworkUpdate\GoogleUpdate.exe [120320 2015-02-21] ()
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\...\Run: [ByteCodeGenerator] => C:\Users\vymys_000\AppData\Roaming\Microsoft\Windows\IEUpdate\ByteCodeGenerator.exe [290304 2014-03-20] (©Wyebugur)
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\...\Policies\Explorer: [Run] "C:\Users\vymys_000\AppData\Roaming\Microsoft\Windows\IEUpdate\ByteCodeGenerator.exe"
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\...\MountPoints2: {3260ed9e-a4a0-11e4-8265-f8a963e3c17c} - "E:\.autorun\autorun.exe"
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\...\Command Processor: "C:\Users\vymys_000\AppData\Roaming\Microsoft\Windows\IEUpdate\ByteCodeGenerator.exe" <===== ATTENTION!
Startup: C:\Users\vymys_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ByteCodeGenerator.lnk

HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{8578a0a3-3c79-441a-b171-d3e1e18c23fe} <======= ATTENTION (Policy Restriction on IP)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1421617813&from=kmp&uid=WDCXWD10JPVX-22JC3T0_WD-WX41E34NY757NY757", "hxxp://istart.webssearches.com/?type=hppp&ts=1421617891&from=kmp&uid=WDCXWD10JPVX-22JC3T0_WD-WX41E34NY757NY757"
CHR Extension: (MyFunCards) - C:\Users\vymys_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pehdhibmkmcipbeahabjgfhgngojeace [2015-01-13]

R4 edevmon; system32\DRIVERS\edevmon.sys [X]
R4 ehdrv; \SystemRoot\system32\DRIVERS\ehdrv.sys [X]

C:\Users\vymys_000\AppData\Roaming\Microsoft\Windows\IEUpdate
2015-02-26 23:40 - 2015-02-26 23:41 - 00025509 _____ () C:\Users\vymys_000\Desktop\FRST.txt
2015-02-26 22:53 - 2015-02-26 22:54 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\vymys_000\Desktop\spybot-2.4.exe
2015-02-26 22:47 - 2015-02-26 22:47 - 02383648 _____ (Reason Company Software Inc.) C:\Users\vymys_000\Desktop\herdProtectScan_Portable.exe
2015-02-26 22:45 - 2015-02-26 22:45 - 12961620 _____ () C:\Users\vymys_000\Desktop\mbar-1.01.0.1009.zip
2015-02-26 22:20 - 2015-02-26 22:20 - 04579184 _____ (AVG Technologies) C:\Users\vymys_000\Desktop\avg_free_stb_eu_2015_5315.exe
2015-02-26 22:04 - 2015-02-26 22:04 - 00243456 _____ () C:\Users\vymys_000\Desktop\Firefox Setup Stub 36.0.exe
2015-02-26 21:51 - 2015-02-26 21:51 - 04862664 _____ (AVAST Software) C:\Users\vymys_000\Downloads\avast_free_antivirus_setup_online.exe
2015-02-26 21:51 - 2015-02-26 21:51 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-26 21:08 - 2015-02-26 21:08 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-02-26 12:02 - 2015-02-26 20:47 - 00003660 _____ () C:\Windows\System32\Tasks\ByteCodeGenerator
2015-02-26 10:50 - 2015-02-25 17:04 - 00000367 _____ () C:\zoek-results2015-02-25-160425.log
2015-02-25 17:04 - 2015-02-25 13:54 - 00001482 _____ () C:\zoek-results2015-02-25-125459.log
2015-02-25 13:51 - 2015-02-26 10:50 - 00001218 _____ () C:\zoek-results.log
2015-02-25 13:48 - 2015-02-26 10:54 - 00001205 _____ () C:\runcheck.txt
2015-02-25 13:47 - 2015-02-25 13:47 - 01304576 _____ () C:\Users\vymys_000\Desktop\zoek.exe
2015-02-25 13:47 - 2015-02-25 13:47 - 00000000 ____D () C:\zoek_backup
2015-02-25 13:45 - 2015-02-26 20:54 - 00003190 _____ () C:\Windows\PFRO.log
2015-02-25 13:45 - 2015-02-26 20:54 - 00000580 _____ () C:\Windows\setupact.log
2015-02-25 13:45 - 2015-02-25 13:45 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-25 12:22 - 2015-02-25 13:42 - 00000000 ____D () C:\AdwCleaner
2015-02-23 19:58 - 2015-02-23 19:58 - 00709564 _____ () C:\Users\vymys_000\Downloads\delfix_10.8 (1).exe
2015-02-23 19:58 - 2015-02-23 19:58 - 00000404 _____ () C:\DelFix.txt
2015-02-23 13:15 - 2015-02-23 13:16 - 00000000 ____D () C:\Program Files\trend micro
2015-02-22 18:30 - 2015-02-22 18:35 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-22 18:30 - 2015-02-22 18:30 - 00000000 ____D () C:\Users\vymys_000\AppData\Local\MFAData
2015-02-22 18:30 - 2015-02-22 18:30 - 00000000 ____D () C:\Users\vymys_000\AppData\Local\Avg2015
2015-02-22 18:29 - 2015-02-22 18:29 - 04579184 _____ (AVG Technologies) C:\Users\vymys_000\Downloads\avg_free_stb_eu_2015_5315.exe
2015-02-22 18:25 - 2015-02-22 18:24 - 00801792 _____ () C:\Users\vymys_000\AppData\Roaming\317kUO.exe
2015-02-22 17:01 - 2015-02-22 17:02 - 24743106 _____ () C:\Users\vymys_000\Downloads\vlc-2.1.5-win32.exe
2015-02-22 17:01 - 2015-02-22 17:01 - 35907256 _____ (PandoraTV) C:\Users\vymys_000\Downloads\3.9.1.133_20150210101242.exe
2015-02-21 20:17 - 2015-02-21 20:17 - 00000292 _____ () C:\Users\vymys_000\Downloads\HELP_DECRYPT.URL
2015-02-21 12:06 - 2015-02-21 12:06 - 00000292 _____ () C:\Users\vymys_000\Documents\HELP_DECRYPT.URL
2015-02-21 12:03 - 2015-02-21 12:03 - 00000292 _____ () C:\Users\vymys_000\AppData\Roaming\HELP_DECRYPT.URL
2015-02-21 12:03 - 2015-02-21 12:03 - 00000292 _____ () C:\Users\vymys_000\AppData\Local\HELP_DECRYPT.URL
2015-02-21 12:03 - 2015-02-21 12:03 - 00000292 _____ () C:\Users\vymys_000\AppData\HELP_DECRYPT.URL
2015-02-21 12:01 - 2015-02-21 12:01 - 00000292 _____ () C:\Users\Public\HELP_DECRYPT.URL
2015-02-21 12:00 - 2015-02-21 12:00 - 00000292 _____ () C:\ProgramData\HELP_DECRYPT.URL
2015-02-20 14:01 - 2015-02-20 14:02 - 03248480 _____ () C:\Users\vymys_000\Downloads\Office 2010 (Toolkit and EZ-Activator) 2.0.1 Final.rar
2015-02-20 11:29 - 2015-02-20 11:29 - 00003608 _____ () C:\Windows\System32\Tasks\help
2015-02-19 19:37 - 2015-02-26 10:37 - 00000000 ____D () C:\Users\vymys_000\AppData\Local\Ahwkworks
2015-02-19 19:37 - 2015-02-26 10:35 - 00000000 ____D () C:\Users\vymys_000\AppData\Local\Ovwics
2015-02-21 12:03 - 2015-02-21 12:03 - 0045885 _____ () C:\Users\vymys_000\AppData\Roaming\HELP_DECRYPT.PNG
2015-02-21 12:03 - 2015-02-21 12:03 - 0000292 _____ () C:\Users\vymys_000\AppData\Roaming\HELP_DECRYPT.URL
2015-02-21 11:33 - 2015-02-21 11:33 - 0000480 ____H () C:\Users\vymys_000\AppData\Roaming\????
2015-02-21 12:03 - 2015-02-21 12:03 - 0045885 _____ () C:\Users\vymys_000\AppData\Local\HELP_DECRYPT.PNG
2015-02-21 12:03 - 2015-02-21 12:03 - 0000292 _____ () C:\Users\vymys_000\AppData\Local\HELP_DECRYPT.URL
2015-01-14 19:50 - 2015-01-14 19:50 - 0000003 _____ () C:\Users\vymys_000\AppData\Local\updater.log
2015-01-14 19:50 - 2015-01-14 19:50 - 0000425 _____ () C:\Users\vymys_000\AppData\Local\UserProducts.xml
2015-02-21 11:33 - 2015-02-26 20:57 - 0000696 _____ () C:\ProgramData\@system.temp
2015-02-21 11:33 - 2015-02-26 20:58 - 0000432 ____H () C:\ProgramData\@system3.att
2014-08-19 11:42 - 2014-08-19 11:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-02-21 12:00 - 2015-02-21 12:00 - 0045885 _____ () C:\ProgramData\HELP_DECRYPT.PNG
2015-02-21 12:00 - 2015-02-21 12:00 - 0000292 _____ () C:\ProgramData\HELP_DECRYPT.URL
C:\Windows\AutoKMS

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {624FD245-A5C1-4642-816C-421A9AE43F4A} - System32\Tasks\WerFault => C:\Users\vymys_000\AppData\Roaming\Microsoft\Windows\IEUpdate\WerFault.exe [2014-03-20] (©Wyebugur)

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
KLM\...\Policies\Explorer: [NoFolderOptions] 0 => Error: No automatic fix found for this entry.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper => value deleted successfully.
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleUpdate => value deleted successfully.
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ByteCodeGenerator => value deleted successfully.
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\Run => value deleted successfully.
"HKU\S-1-5-21-829891482-3244220118-2604885426-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3260ed9e-a4a0-11e4-8265-f8a963e3c17c}" => Key deleted successfully.
HKCR\CLSID\{3260ed9e-a4a0-11e4-8265-f8a963e3c17c} => Key not found.
HKU\S-1-5-21-829891482-3244220118-2604885426-1001\Software\Microsoft\Command Processor\\AutoRun => value deleted successfully.
C:\Users\vymys_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ByteCodeGenerator.lnk => Moved successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\\ActivePolicy => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
Chrome StartupUrls deleted successfully.
C:\Users\vymys_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pehdhibmkmcipbeahabjgfhgngojeace => Moved successfully.
edevmon => Unable to stop service
edevmon => Service deleted successfully.
ehdrv => Unable to stop service
ehdrv => Service deleted successfully.
C:\Users\vymys_000\AppData\Roaming\Microsoft\Windows\IEUpdate => Moved successfully.
C:\Users\vymys_000\Desktop\FRST.txt => Moved successfully.
"C:\Users\vymys_000\Desktop\spybot-2.4.exe" => File/Directory not found.
C:\Users\vymys_000\Desktop\herdProtectScan_Portable.exe => Moved successfully.
C:\Users\vymys_000\Desktop\mbar-1.01.0.1009.zip => Moved successfully.
C:\Users\vymys_000\Desktop\avg_free_stb_eu_2015_5315.exe => Moved successfully.
"C:\Users\vymys_000\Desktop\Firefox Setup Stub 36.0.exe" => File/Directory not found.
"C:\Users\vymys_000\Downloads\avast_free_antivirus_setup_online.exe" => File/Directory not found.
C:\ProgramData\AVAST Software => Moved successfully.
C:\Windows\System32\Tasks\AutoKMS => Moved successfully.
C:\Windows\System32\Tasks\ByteCodeGenerator => Moved successfully.
C:\zoek-results2015-02-25-160425.log => Moved successfully.
C:\zoek-results2015-02-25-125459.log => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\runcheck.txt => Moved successfully.
"C:\Users\vymys_000\Desktop\zoek.exe" => File/Directory not found.
C:\zoek_backup => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\AdwCleaner => Moved successfully.
"C:\Users\vymys_000\Downloads\delfix_10.8 (1).exe" => File/Directory not found.
C:\DelFix.txt => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\ProgramData\MFAData => Moved successfully.
C:\Users\vymys_000\AppData\Local\MFAData => Moved successfully.
C:\Users\vymys_000\AppData\Local\Avg2015 => Moved successfully.
"C:\Users\vymys_000\Downloads\avg_free_stb_eu_2015_5315.exe" => File/Directory not found.
"C:\Users\vymys_000\AppData\Roaming\317kUO.exe" => File/Directory not found.
C:\Users\vymys_000\Downloads\vlc-2.1.5-win32.exe => Moved successfully.
"C:\Users\vymys_000\Downloads\3.9.1.133_20150210101242.exe" => File/Directory not found.
"C:\Users\vymys_000\Downloads\HELP_DECRYPT.URL" => File/Directory not found.
"C:\Users\vymys_000\Documents\HELP_DECRYPT.URL" => File/Directory not found.
C:\Users\vymys_000\AppData\Roaming\HELP_DECRYPT.URL => Moved successfully.
C:\Users\vymys_000\AppData\Local\HELP_DECRYPT.URL => Moved successfully.
C:\Users\vymys_000\AppData\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Public\HELP_DECRYPT.URL => Moved successfully.
C:\ProgramData\HELP_DECRYPT.URL => Moved successfully.
"C:\Users\vymys_000\Downloads\Office 2010 (Toolkit and EZ-Activator) 2.0.1 Final.rar" => File/Directory not found.
C:\Windows\System32\Tasks\help => Moved successfully.
C:\Users\vymys_000\AppData\Local\Ahwkworks => Moved successfully.
C:\Users\vymys_000\AppData\Local\Ovwics => Moved successfully.
C:\Users\vymys_000\AppData\Roaming\HELP_DECRYPT.PNG => Moved successfully.
"C:\Users\vymys_000\AppData\Roaming\HELP_DECRYPT.URL" => File/Directory not found.

"C:\Users\vymys_000\AppData\Roaming\????" directory move:

Could not move "C:\Users\vymys_000\AppData\Roaming\????" directory. => Scheduled to move on reboot.

C:\Users\vymys_000\AppData\Local\HELP_DECRYPT.PNG => Moved successfully.
"C:\Users\vymys_000\AppData\Local\HELP_DECRYPT.URL" => File/Directory not found.
C:\Users\vymys_000\AppData\Local\updater.log => Moved successfully.
C:\Users\vymys_000\AppData\Local\UserProducts.xml => Moved successfully.
C:\ProgramData\@system.temp => Moved successfully.
C:\ProgramData\@system3.att => Moved successfully.
C:\ProgramData\DP45977C.lfl => Moved successfully.
C:\ProgramData\HELP_DECRYPT.PNG => Moved successfully.
"C:\ProgramData\HELP_DECRYPT.URL" => File/Directory not found.
C:\Windows\AutoKMS => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{624FD245-A5C1-4642-816C-421A9AE43F4A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{624FD245-A5C1-4642-816C-421A9AE43F4A}" => Key deleted successfully.
C:\Windows\System32\Tasks\WerFault => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WerFault" => Key deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 20.5 GB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-02-27 00:53:01)<=

"C:\Users\vymys_000\AppData\Roaming\????" => Directory could not move.

==== End of Fixlog 00:53:01 ====

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

Stahnete a spustte
Ponechte zatrzitkou pouze u volby Remote disinfection tools
Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Delfix se mi bohužel nedaří stáhnout, píše to že "Chyba při stahování" i po tom co jsem vypla antivirus, bohužel nic.Nicméně se zdá, že notebook jede naprosto v pořádku. Díky moc

pokud mohu nějak Delfix stáhnout jinak, nebo je tu alternativa, budu ráda.

Pouzijte OTC http://www.itxassociates.com/OT-Tools/OTC.exe

Děkuji za pomoc, zdá se, že problém je vyřešen. Nicméně mám ještě jednu otázku - proč se mi nezobrazují náhledy u ikonky u obrázků a filmů?

Dobrý večer,
otevřete Ovládací panely, klikněte na položku Vzhled a přizpůsobení a na položku Možnosti složky, přejděte na kartu Zobrazit a odškrtněte políčko Vždy zobrazit ikony, nikdy ne miniatury.

Snad vyosek promine, že mu skáču do tématu.

Diky rosenkreuz, jen upozornuji na pravidla fora o moznosti vstupu a pomoci

@Symphie: pomohla rada??

VIRY.CZ

Prosím pomoc.. Fb,videa, obrázky atd..

Re: Prosím pomoc.. Fb,videa, obrázky atd..

Re: Prosím pomoc.. Fb,videa, obrázky atd..

Re: Prosím pomoc.. Fb,videa, obrázky atd..

Re: Prosím pomoc.. Fb,videa, obrázky atd..

Re: Prosím pomoc.. Fb,videa, obrázky atd..

Re: Prosím pomoc.. Fb,videa, obrázky atd..

Re: Prosím pomoc.. Fb,videa, obrázky atd..

Re: Prosím pomoc.. Fb,videa, obrázky atd..