Copying from PC to flash drive

Post by mople71 » 15 Apr 2015 17:31

You can delete all the findings.

Please download FRST: http://www.bleepingcomputer.com/downloa ... ool/dl/82/

Save it to the Desktop, run it as Administrator, accept the license and click the Scan button. Leave everything at the default settings; do not tick anything.

When the scan finishes, two logs will pop up; please copy both of them here.

Post by Myskec » 15 Apr 2015 17:41

I noticed that in the first half of that log, at the top, it says Rootkits: disabled, so I don't know whether that's right, but I did tick them in there :)

Post by Myskec » 15 Apr 2015 18:16

Here is the first log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-04-2015 02
Ran by Myškec (administrator) on MYŠKEC-PC on 15-04-2015 18:14:11
Running from C:\Stažené
Loaded Profiles: Myškec & (Available profiles: Myškec)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Advanced SystemCare 8] => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-11-07] (Microsoft Corporation)
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\CurrentVersion\Windows: [Load] C:\Users\User\AppData\Local\Temp\JavaUpdater.exe <===== ATTENTION
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\MountPoints2: {4c17f2ca-6f4d-11e4-ac11-ac220b2cb904} - I:\LaunchU3.exe -a
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\MountPoints2: {651c219e-c17a-11e3-9400-ac220b2cb904} - G:\setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\MountPoints2: {9a16cc4c-4650-11e3-96f3-ac220b2cb904} - F:\I_am_Alive_Setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\MountPoints2: {ee67c481-b25c-11e3-bc08-ac220b2cb904} - E:\Setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\CurrentVersion\Windows: [Load] C:\Users\User\AppData\Local\Temp\JavaUpdater.exe <===== ATTENTION
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4c17f2ca-6f4d-11e4-ac11-ac220b2cb904} - I:\LaunchU3.exe -a
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {651c219e-c17a-11e3-9400-ac220b2cb904} - G:\setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9a16cc4c-4650-11e3-96f3-ac220b2cb904} - F:\I_am_Alive_Setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ee67c481-b25c-11e3-bc08-ac220b2cb904} - E:\Setup.exe
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-11-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Myškec\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Myškec\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Myškec\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Myškec\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Myškec\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Myškec\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Myškec\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000 -> {0CC2870F-3CF7-4BAB-90C0-C4A56E5C57B5} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000 -> {2E21C992-7C2B-4D8F-91C3-7DC264C97257} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000 -> {332B935A-DFA5-4822-B505-EE2ACB1397D1} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000 -> {51A2E32E-FE3A-4A17-9593-A755AC6E34BB} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000 -> {53FB08D2-F85F-41B2-821C-3F362D7DBCB0} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000 -> {75756155-1357-4812-9F26-B5B75FEE376B} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000 -> {7635B8D1-23F9-46B9-ABAB-B29BC4BFB600} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000 -> {C4780283-A968-4E44-96B1-C1CB4A045047} URL = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000 -> {E59C8D57-EFB3-46A3-B685-933EF042FE8E} URL = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0CC2870F-3CF7-4BAB-90C0-C4A56E5C57B5} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2E21C992-7C2B-4D8F-91C3-7DC264C97257} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {332B935A-DFA5-4822-B505-EE2ACB1397D1} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {51A2E32E-FE3A-4A17-9593-A755AC6E34BB} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {53FB08D2-F85F-41B2-821C-3F362D7DBCB0} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {75756155-1357-4812-9F26-B5B75FEE376B} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {7635B8D1-23F9-46B9-ABAB-B29BC4BFB600} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C4780283-A968-4E44-96B1-C1CB4A045047} URL = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E59C8D57-EFB3-46A3-B685-933EF042FE8E} URL = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11] (BitComet)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11] (Adblock)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Myškec\AppData\Roaming\Mozilla\Firefox\Profiles\nuhu0irj.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-08] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3102649379-3115252332-174003478-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Myškec\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Myškec\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet)
FF Extension: Ads Removal - C:\Users\Myškec\AppData\Roaming\Mozilla\Firefox\Profiles\nuhu0irj.default\Extensions\adremoveext@adremoveext.net [2015-04-15]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Myškec\AppData\Roaming\Mozilla\Firefox\Profiles\nuhu0irj.default\Extensions\iobitascsurfingprotection@iobit.com [2015-03-26]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Myškec\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Myškec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-14]
CHR Extension: (Google Docs) - C:\Users\Myškec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-14]
CHR Extension: (Google Drive) - C:\Users\Myškec\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-14]
CHR Extension: (YouTube) - C:\Users\Myškec\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-14]
CHR Extension: (Google Search) - C:\Users\Myškec\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-14]
CHR Extension: (Google Sheets) - C:\Users\Myškec\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-14]
CHR Extension: (AdBlock) - C:\Users\Myškec\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-15]
CHR Extension: (Skype Click to Call) - C:\Users\Myškec\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-14]
CHR Extension: (Google Wallet) - C:\Users\Myškec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-13]
CHR Extension: (Gmail) - C:\Users\Myškec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-12-08] (IObit)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2014-10-30] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2014-10-30] (Advanced Micro Devices Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-05-22] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-23] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-29] (REALiX(tm))
R3 KbFilter_Kb_FlexDef3x; C:\Windows\System32\DRIVERS\KbFilter_FlexDef3x.sys [22016 2012-10-16] (Siliten)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-05-22] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-15] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 cpuz134; \??\C:\Users\MYKEC~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz137; \??\C:\Users\MYKEC~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-15 18:14 - 2015-04-15 18:14 - 00000000 ____D () C:\FRST
2015-04-15 17:25 - 2015-04-15 17:26 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-15 17:25 - 2015-04-15 17:25 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-15 17:25 - 2015-04-15 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-15 17:25 - 2015-04-15 17:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-15 17:25 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-15 17:25 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-15 17:25 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-15 17:10 - 2015-04-15 17:10 - 00082662 _____ () C:\mbam.txt
2015-04-15 15:46 - 2015-04-15 15:46 - 00000000 ____D () C:\ProgramData\ProductData
2015-04-15 15:41 - 2015-04-15 15:30 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-04-14 21:17 - 2015-04-15 15:38 - 00000000 ____D () C:\zoek_backup
2015-04-14 21:07 - 2015-04-14 21:11 - 00000000 ____D () C:\AdwCleaner
2015-04-13 20:30 - 2015-04-13 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-04-13 20:30 - 2015-04-13 20:30 - 00000000 ____D () C:\ProgramData\ESET
2015-04-13 20:30 - 2015-04-13 20:30 - 00000000 ____D () C:\Program Files\ESET
2015-04-13 17:23 - 2015-04-15 17:52 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-13 17:23 - 2015-04-15 15:47 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-13 17:23 - 2015-04-13 17:23 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-13 17:23 - 2015-04-13 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-13 17:22 - 2015-04-15 17:23 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-13 17:22 - 2015-04-15 15:47 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-13 07:43 - 2015-04-15 17:23 - 00000784 _____ () C:\Windows\setupact.log
2015-04-13 07:43 - 2015-04-15 17:22 - 00004266 _____ () C:\Windows\PFRO.log
2015-04-13 07:43 - 2015-04-13 07:43 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-12 20:02 - 2015-04-12 20:02 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\ESET
2015-04-12 20:02 - 2015-04-12 20:02 - 00000000 ____D () C:\Users\Myškec\AppData\Local\ESET
2015-04-12 19:25 - 2015-04-12 19:25 - 00000646 _____ () C:\Users\Myškec\Desktop\Total Commander 64 bit.lnk
2015-04-12 19:25 - 2015-04-12 19:25 - 00000632 _____ () C:\Users\Myškec\Desktop\Total Commander.lnk
2015-04-12 19:25 - 2015-04-12 19:25 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-04-12 19:25 - 2015-04-12 19:25 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\GHISLER
2015-04-12 19:25 - 2015-04-12 19:25 - 00000000 ____D () C:\totalcmd
2015-04-10 19:06 - 2015-04-10 19:06 - 00977624 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-04-10 19:06 - 2015-04-10 19:06 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-10 19:04 - 2015-04-10 19:04 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-10 19:04 - 2015-04-10 19:04 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-10 11:50 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-04-10 11:50 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-04-04 14:34 - 2015-04-04 14:34 - 00000000 ____D () C:\ProgramData\Origin
2015-04-03 11:56 - 2015-04-15 16:50 - 00000000 ____D () C:\Users\Myškec\Documents\FIFA 14
2015-04-03 11:53 - 2015-04-03 11:53 - 00000798 _____ () C:\Users\Public\Desktop\FIFA 14.lnk
2015-04-03 11:53 - 2015-04-03 11:53 - 00000749 _____ () C:\Users\Public\Desktop\FIFA 14 Nastavení.lnk
2015-04-03 11:53 - 2015-04-03 11:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hry
2015-04-03 11:45 - 2015-04-03 11:45 - 00000000 ____D () C:\hry
2015-03-30 15:30 - 2015-03-30 15:30 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-03-30 15:30 - 2015-03-30 15:30 - 00000000 ___SD () C:\Windows\system32\GWX
2015-03-28 08:20 - 2015-03-28 08:20 - 00001238 _____ () C:\Users\Myškec\Desktop\Launchers.lnk
2015-03-28 08:20 - 2015-03-28 08:20 - 00001202 _____ () C:\Users\Myškec\Desktop\Resident Evil 6.lnk
2015-03-28 08:20 - 2015-03-28 08:20 - 00000000 ____D () C:\Users\Myškec\Documents\CAPCOM
2015-03-28 08:20 - 2015-03-28 08:20 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\Resident Evil 6
2015-03-28 08:20 - 2015-03-28 08:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-03-28 07:52 - 2015-03-28 07:52 - 00000000 ____D () C:\Program Files (x86)\R.G. Mechanics
2015-03-26 17:08 - 2015-03-27 20:35 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\CAD87C1F-15CF-4D28-94B8-25302041AD04
2015-03-26 17:08 - 2015-03-27 12:53 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\G43Zq0Cx5lYjgxgi
2015-03-26 16:59 - 2015-03-27 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-03-23 09:57 - 2015-03-23 09:57 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\Steam
2015-03-23 09:57 - 2015-03-23 09:57 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\Colossal Order
2015-03-23 09:57 - 2015-03-23 09:57 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\.mono
2015-03-23 09:57 - 2015-03-23 09:57 - 00000000 ____D () C:\Users\Myškec\AppData\Local\Colossal Order
2015-03-23 09:57 - 2015-03-23 09:57 - 00000000 ____D () C:\ProgramData\.mono
2015-03-17 16:14 - 2015-03-17 16:14 - 00000000 ____D () C:\Users\Myškec\AppData\Local\Steam

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-15 18:14 - 2013-11-05 22:55 - 00000000 ____D () C:\Stažené
2015-04-15 17:53 - 2013-11-05 20:56 - 01400772 _____ () C:\Windows\WindowsUpdate.log
2015-04-15 17:30 - 2009-07-14 06:45 - 00020608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-15 17:30 - 2009-07-14 06:45 - 00020608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-15 17:29 - 2009-07-14 17:18 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2015-04-15 17:29 - 2009-07-14 17:18 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2015-04-15 17:29 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-15 17:24 - 2014-10-30 17:37 - 00002878 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Myškec)
2015-04-15 17:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-14 21:12 - 2014-10-30 17:14 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-04-14 20:23 - 2013-11-05 21:49 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-14 20:23 - 2013-11-05 21:49 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-14 20:23 - 2013-11-05 21:48 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-14 20:22 - 2013-12-03 16:34 - 00000000 ____D () C:\Users\Myškec\AppData\Local\NVIDIA Corporation
2015-04-14 16:25 - 2013-11-06 17:12 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\vlc
2015-04-13 17:31 - 2014-03-23 11:44 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\BitComet
2015-04-13 17:23 - 2013-11-05 21:37 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-13 08:47 - 2013-11-05 21:37 - 00000000 ____D () C:\Users\Myškec\AppData\Local\Google
2015-04-13 07:43 - 2013-11-05 20:45 - 00000000 ____D () C:\Windows\Panther
2015-04-12 21:36 - 2013-11-05 21:16 - 00000000 ____D () C:\Users\Myškec
2015-04-12 20:16 - 2015-01-10 03:46 - 00000000 ____D () C:\ProgramData\taKKEsave
2015-04-12 20:13 - 2015-01-10 03:46 - 00000000 ____D () C:\ProgramData\clicKKit
2015-04-10 19:07 - 2014-10-30 18:18 - 00002146 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-04-10 19:06 - 2013-11-05 21:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-10 19:06 - 2013-11-05 21:24 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-04-10 19:04 - 2015-01-10 12:02 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-10 19:04 - 2014-09-21 09:52 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-10 19:04 - 2014-09-21 09:52 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-10 19:04 - 2013-11-05 21:49 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-04-06 08:37 - 2009-07-14 07:08 - 00032576 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-04 16:04 - 2014-03-23 10:26 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\DAEMON Tools Lite
2015-04-03 11:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-31 15:19 - 2014-11-06 16:33 - 129527808 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-03-31 15:19 - 2014-11-06 16:33 - 00274432 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-03-31 15:19 - 2014-11-06 16:33 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-03-31 15:19 - 2014-11-06 16:33 - 00028672 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2015-03-30 15:30 - 2013-12-17 19:01 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\Skype
2015-03-30 15:29 - 2013-12-17 19:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-30 15:29 - 2013-12-17 19:01 - 00000000 ____D () C:\ProgramData\Skype
2015-03-30 15:28 - 2014-07-11 09:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MV2Player
2015-03-27 20:39 - 2014-07-13 13:02 - 00000000 ____D () C:\Users\Myškec\AppData\Local\Turbine
2015-03-27 20:38 - 2014-12-17 16:47 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-27 20:38 - 2014-12-08 16:55 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\ProductData
2015-03-27 20:38 - 2014-12-08 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2015-03-27 20:38 - 2014-12-04 08:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-03-27 20:38 - 2014-10-30 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-03-27 20:38 - 2014-10-30 17:14 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\IObit
2015-03-27 20:38 - 2014-10-30 17:14 - 00000000 ____D () C:\ProgramData\IObit
2015-03-27 20:38 - 2014-05-06 21:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-27 20:38 - 2013-11-06 17:41 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-03-27 20:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-27 20:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-03-27 20:37 - 2014-06-10 17:42 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-03-25 16:05 - 2014-03-23 10:25 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-03-25 16:05 - 2013-11-06 17:41 - 00000000 ____D () C:\Users\Myškec\AppData\Local\TeamSpeak 3 Client
2015-03-25 16:05 - 2013-11-05 22:53 - 00000000 ____D () C:\Users\Myškec\AppData\Roaming\TS3Client
2015-03-25 16:05 - 2009-07-14 17:36 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-03-17 16:14 - 2014-07-13 11:32 - 00000000 ____D () C:\Program Files (x86)\Steam

==================== Files in the root of some directories =======

2015-02-01 19:28 - 2015-03-08 20:11 - 0000020 _____ () C:\Users\Myškec\AppData\Roaming\appdataFr3.bin
2014-10-30 18:30 - 2014-10-30 18:30 - 0008506 _____ () C:\Users\Myškec\AppData\Roaming\msioedtv.dat
2014-10-30 18:30 - 2014-12-26 13:49 - 0000031 _____ () C:\Users\Myškec\AppData\Roaming\msmpccog.dat
2014-01-15 21:45 - 2014-01-15 21:45 - 0000017 _____ () C:\Users\Myškec\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> testsigning is on. Check for possible unsigned rootkit driver <===== ATTENTION!


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2015-03-25 19:58

==================== End Of Log ============================

Myskec
Level 1
Posts: 56
Registered: April 15
Gender: Male
Status: Offline

Re: Copying from PC to flash drive

Post by Myskec » 15 Apr 2015 18:16

here's the second one

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-04-2015 02
Ran by Myškec at 2015-04-15 18:14:55
Running from C:\Stažené
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.3.9.2 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.3.9.2 - ASUSTek COMPUTER INC.) Hidden
ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
BitComet 1.36 (HKLM-x32\...\BitComet) (Version: 1.36 - CometNetwork)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Driver Booster 2.2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.2 - IObit)
Dropbox (HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ESET Smart Security (HKLM\...\{E4BA35A7-9715-4405-951E-E60B4ED0C7B0}) (Version: 8.0.312.3 - ESET, spol s r. o.)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.2 - Electronic Arts)
FIFA 14 1.2 (HKLM-x32\...\FIFA 14_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
Malwarebytes Anti-Malware verze 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 347.88 (Version: 347.88 - NVIDIA Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Resident Evil 6 (HKLM-x32\...\Resident Evil 6_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Galfimbul)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\SeznamInstall) (Version: - Seznam.cz)
Seznam Software (HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
Smart QrCode Generator (HKLM-x32\...\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783}) (Version: - "") <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
TeamSpeak 3 Client (HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Unity Web Player (HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Weather Europe Extension (HKLM-x32\...\{76DEE3DC-2B8B-E212-2126-D31D9E73DFE4}) (Version: - "") <==== ATTENTION
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Myškec\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Myškec\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Myškec\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Myškec\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Myškec\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3102649379-3115252332-174003478-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Myškec\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3102649379-3115252332-174003478-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Myškec\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3102649379-3115252332-174003478-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Myškec\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3102649379-3115252332-174003478-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Myškec\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3102649379-3115252332-174003478-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Myškec\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

10-04-2015 19:04:00 Driver Booster : NVIDIA GeForce GTX 650
10-04-2015 21:30:54 Windows Update
14-04-2015 08:38:23 Windows Update
14-04-2015 21:18:10 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-04-15 15:31 - 00000841 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {051FF351-D1A6-4335-A621-51E601D7E96E} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {2AAC029E-0835-468A-B514-B5D8BEE87BEB} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-30] (Microsoft Corporation)
Task: {36A43993-2913-4A3D-8792-9D37F8F29890} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-30] (Microsoft Corporation)
Task: {3D235D3B-9CF7-4732-BCFC-94CFA0FEEF29} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-02-05] (IObit)
Task: {4ACEDC14-BD14-41D3-995A-9ED26A87632F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {5C5FF7B2-EADB-4C08-BE74-460525D8D600} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-03-09] (IObit)
Task: {61455F4A-A17F-46CD-AE5D-46DD904C9257} - System32\Tasks\Driver Booster SkipUAC (Myškec) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-03-09] (IObit)
Task: {842483D1-5698-43B7-BB0C-9B587398C53B} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-30] (Microsoft Corporation)
Task: {90C2F2E4-F986-4560-83E6-6EEE046AAE51} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {94789159-6819-4A9D-802D-6CDFA5608F5F} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-02-13] (IObit)
Task: {954CFA18-592A-4DE4-9533-B5C1835F0C7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13] (Google Inc.)
Task: {C0B6A839-D084-43BD-89D9-05DC9861B8E6} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-30] (Microsoft Corporation)
Task: {D8858D3F-4600-475C-9D02-AE9E943A9E05} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-08] (Adobe Systems Incorporated)
Task: {DA590940-5D90-4554-9335-2985BB4F02C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13] (Google Inc.)
Task: {DEB2B219-FCB3-482D-BB8B-6B97409D215F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {EC1E79D5-097D-4704-A1A8-652173BBEFB4} - System32\Tasks\{C5B55782-A1E7-4E82-BEAA-3BF818AF1B19} => pcalua.exe -a E:\Desperados.exe -d E:\ -c -autorun
Task: {FAD00ECC-FFB4-473E-86AE-5EC425E379D5} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-11-05 21:50 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-03-26 17:09 - 2015-01-09 19:46 - 00348960 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2015-03-26 17:09 - 2015-01-09 19:46 - 00183584 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2015-03-26 17:09 - 2015-01-09 19:46 - 00050976 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2014-12-04 08:36 - 2013-12-12 19:46 - 08001344 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll
2014-12-04 08:36 - 2013-05-16 20:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2014-12-04 08:36 - 2013-10-16 23:17 - 00185168 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll
2014-12-04 08:36 - 2013-05-16 20:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-04-13 17:23 - 2015-03-30 23:07 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-13 17:23 - 2015-03-30 23:07 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libegl.dll
2015-04-13 17:23 - 2015-03-30 23:07 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll
2015-04-13 17:23 - 2015-03-30 23:07 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3102649379-3115252332-174003478-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Myškec\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Myškec\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3102649379-3115252332-174003478-500 - Administrator - Disabled)
Guest (S-1-5-21-3102649379-3115252332-174003478-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3102649379-3115252332-174003478-1002 - Limited - Enabled)
Myškec (S-1-5-21-3102649379-3115252332-174003478-1000 - Administrator - Enabled) => C:\Users\Myškec

==================== Faulty Device Manager Devices =============

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: asmthub3
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (04/14/2015 00:10:23 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (04/14/2015 00:10:23 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (04/13/2015 07:45:36 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (04/13/2015 07:45:36 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (04/12/2015 09:23:10 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (04/12/2015 09:23:10 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (04/10/2015 01:34:54 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (04/10/2015 01:34:54 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (04/09/2015 09:07:30 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {35718503-e865-4737-9ade-58f55a2d9f46}

Error: (04/03/2015 11:55:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Setup.tmp, verze: 51.1052.0.0, časové razítko: 0x51092c85
Název chybujícího modulu: isskinex.dll_unloaded, verze: 0.0.0.0, časové razítko: 0x4af171f4
Kód výjimky: 0xc0000005
Posun chyby: 0x1001f4f3
ID chybujícího procesu: 0x45c
Čas spuštění chybující aplikace: 0xSetup.tmp0
Cesta k chybující aplikaci: Setup.tmp1
Cesta k chybujícímu modulu: Setup.tmp2
ID zprávy: Setup.tmp3


System errors:
=============
Error: (04/15/2015 05:23:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (04/15/2015 03:45:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (04/15/2015 03:38:37 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/15/2015 03:38:37 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/15/2015 03:38:35 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/15/2015 03:38:34 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/15/2015 03:38:33 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/15/2015 03:27:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (04/14/2015 10:58:00 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/14/2015 10:57:57 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Microsoft Office Sessions:
=========================
Error: (04/14/2015 00:10:23 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (04/14/2015 00:10:23 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (04/13/2015 07:45:36 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (04/13/2015 07:45:36 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (04/12/2015 09:23:10 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (04/12/2015 09:23:10 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (04/10/2015 01:34:54 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (04/10/2015 01:34:54 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (04/09/2015 09:07:30 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Přístup byl odepřen.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {35718503-e865-4737-9ade-58f55a2d9f46}

Error: (04/03/2015 11:55:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Setup.tmp51.1052.0.051092c85isskinex.dll_unloaded0.0.0.04af171f4c00000051001f4f345c01d06df2df9fad17C:\Users\MYKEC~1\AppData\Local\Temp\is-NR94H.tmp\Setup.tmpisskinex.dll85933d25-d9e7-11e4-bf66-ac220b2cb904


CodeIntegrity Errors:
===================================
Date: 2014-09-21 09:48:32.366
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\MYKEC~1\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-21 09:48:32.216
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\MYKEC~1\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-21 09:48:31.705
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-21 09:48:31.555
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 945 Processor
Percentage of memory in use: 32%
Total physical RAM: 8190.12 MB
Available physical RAM: 5542.36 MB
Total Pagefile: 16378.42 MB
Available Pagefile: 13728.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:821.24 GB) NTFS
Drive e: (Nový 4. 1. 2014) (CDROM) (Total:5.01 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 801C4ECA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Myskec

Re: Copying from PC to flash drive

Post by Myskec » 15 Apr 2015 18:36

Here I turned on only the rootkits, and I apologize for making such a mess of this :)

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 15.4.2015
Čas skenování: 17:26:23
Protokol: mm.txt
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.04.15.05
Databáze rootkitů: v2015.03.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Myškec

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 423569
Uplynulý čas: 58 min, 39 sek

Paměť: Vypnuto
Po spuštění: Vypnuto
Souborový systém: Zapnuto
Archivy: Vypnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

mople71

Re: Copying from PC to flash drive

Post by mople71 » 15 Apr 2015 18:37

All right.

Is the OS legal?

mople71

Re: Copying from PC to flash drive

Post by mople71 » 15 Apr 2015 18:42

Please uninstall these programs:

Code:

Driver Booster 2.2
IObit Malware Fighter
Smart QrCode Generator
Surfing Protection
Weather Europe Extension


-------------------------------------------------------------------

Please test these files on VirusTotal and post the links to their results here (if a file has already been analyzed, click Reanalyse): https://www.virustotal.com/

Code:

C:\Users\Myškec\AppData\Roaming\msmpccog.dat
C:\Users\Myškec\AppData\Roaming\msioedtv.dat
C:\Users\Myškec\AppData\Roaming\appdataFr3.bin


-------------------------------------------------------------------

Apply the fixlist for FRST:

On the Desktop (FRST must be located there), create a text file named fixlist, copy the following script into it, and save it.

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\CurrentVersion\Windows: [Load] C:\Users\User\AppData\Local\Temp\JavaUpdater.exe <===== ATTENTION
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\MountPoints2: {4c17f2ca-6f4d-11e4-ac11-ac220b2cb904} - I:\LaunchU3.exe -a
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\MountPoints2: {651c219e-c17a-11e3-9400-ac220b2cb904} - G:\setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\MountPoints2: {9a16cc4c-4650-11e3-96f3-ac220b2cb904} - F:\I_am_Alive_Setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\MountPoints2: {ee67c481-b25c-11e3-bc08-ac220b2cb904} - E:\Setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\CurrentVersion\Windows: [Load] C:\Users\User\AppData\Local\Temp\JavaUpdater.exe <===== ATTENTION
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4c17f2ca-6f4d-11e4-ac11-ac220b2cb904} - I:\LaunchU3.exe -a
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {651c219e-c17a-11e3-9400-ac220b2cb904} - G:\setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9a16cc4c-4650-11e3-96f3-ac220b2cb904} - F:\I_am_Alive_Setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ee67c481-b25c-11e3-bc08-ac220b2cb904} - E:\Setup.exe

BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11] (BitComet)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11] (Adblock)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet)
FF Extension: Ads Removal - C:\Users\Myškec\AppData\Roaming\Mozilla\Firefox\Profiles\nuhu0irj.default\Extensions\adremoveext@adremoveext.net [2015-04-15]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Myškec\AppData\Roaming\Mozilla\Firefox\Profiles\nuhu0irj.default\Extensions\iobitascsurfingprotection@iobit.com [2015-03-26]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

CHR Extension: (Skype Click to Call) - C:\Users\Myškec\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

S3 cpuz134; \??\C:\Users\MYKEC~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz137; \??\C:\Users\MYKEC~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]

Folder: C:\ProgramData\ProductData

C:\Windows\Tasks\*.job

testsigning: ==> testsigning is on. Check for possible unsigned rootkit driver <===== ATTENTION!
nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!

Task: {051FF351-D1A6-4335-A621-51E601D7E96E} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {3D235D3B-9CF7-4732-BCFC-94CFA0FEEF29} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-02-05] (IObit)
Task: {5C5FF7B2-EADB-4C08-BE74-460525D8D600} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-03-09] (IObit)
Task: {61455F4A-A17F-46CD-AE5D-46DD904C9257} - System32\Tasks\Driver Booster SkipUAC (Myškec) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-03-09] (IObit)
Task: {90C2F2E4-F986-4560-83E6-6EEE046AAE51} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {94789159-6819-4A9D-802D-6CDFA5608F5F} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-02-13] (IObit)
Task: {DEB2B219-FCB3-482D-BB8B-6B97409D215F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {EC1E79D5-097D-4704-A1A8-652173BBEFB4} - System32\Tasks\{C5B55782-A1E7-4E82-BEAA-3BF818AF1B19} => pcalua.exe -a E:\Desperados.exe -d E:\ -c -autorun
Task: {FAD00ECC-FFB4-473E-86AE-5EC425E379D5} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

CMD: dir %programdata%
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog

EmptyTemp:
RemoveProxy:
End

Then open FRST and click the >Fix< button. Afterwards, post the fixlog.

Myskec

Re: Copying from PC to flash drive

Post by Myskec » 15 Apr 2015 19:02

By legal, do you mean activated or purchased? :) I tend to get confused about that, but I have it downloaded from the net and activated :)

mople71

Re: Copying from PC to flash drive

Post by mople71 » 15 Apr 2015 19:13

Purchased. ;)

Myskec

Re: Copying from PC to flash drive

Post by Myskec » 15 Apr 2015 19:17

No, I don't have that then, just activated. Oh, and some of those programs I can't even find on the PC (smart generator and weather europe :) ), and that malware fighter won't uninstall at all; it somehow doesn't respond when I click uninstall, I don't know why. So should I test those files anyway?


Myskec

Re: Copying from PC to flash drive

Post by Myskec » 15 Apr 2015 19:37

Fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-04-2015 02
Ran by Myškec at 2015-04-15 19:29:20 Run:1
Running from C:\Stažené
Loaded Profiles: Myškec (Available profiles: Myškec)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\CurrentVersion\Windows: [Load] C:\Users\User\AppData\Local\Temp\JavaUpdater.exe <===== ATTENTION
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\MountPoints2: {4c17f2ca-6f4d-11e4-ac11-ac220b2cb904} - I:\LaunchU3.exe -a
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\MountPoints2: {651c219e-c17a-11e3-9400-ac220b2cb904} - G:\setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\MountPoints2: {9a16cc4c-4650-11e3-96f3-ac220b2cb904} - F:\I_am_Alive_Setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\...\MountPoints2: {ee67c481-b25c-11e3-bc08-ac220b2cb904} - E:\Setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\CurrentVersion\Windows: [Load] C:\Users\User\AppData\Local\Temp\JavaUpdater.exe <===== ATTENTION
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4c17f2ca-6f4d-11e4-ac11-ac220b2cb904} - I:\LaunchU3.exe -a
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {651c219e-c17a-11e3-9400-ac220b2cb904} - G:\setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9a16cc4c-4650-11e3-96f3-ac220b2cb904} - F:\I_am_Alive_Setup.exe
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ee67c481-b25c-11e3-bc08-ac220b2cb904} - E:\Setup.exe

BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11] (BitComet)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11] (Adblock)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet)
FF Extension: Ads Removal - C:\Users\Myškec\AppData\Roaming\Mozilla\Firefox\Profiles\nuhu0irj.default\Extensions\adremoveext@adremoveext.net [2015-04-15]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Myškec\AppData\Roaming\Mozilla\Firefox\Profiles\nuhu0irj.default\Extensions\iobitascsurfingprotection@iobit.com [2015-03-26]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

CHR Extension: (Skype Click to Call) - C:\Users\Myškec\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

S3 cpuz134; \??\C:\Users\MYKEC~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz137; \??\C:\Users\MYKEC~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]

Folder: C:\ProgramData\ProductData

C:\Windows\Tasks\*.job

testsigning: ==> testsigning is on. Check for possible unsigned rootkit driver <===== ATTENTION!
nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!

Task: {051FF351-D1A6-4335-A621-51E601D7E96E} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {3D235D3B-9CF7-4732-BCFC-94CFA0FEEF29} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-02-05] (IObit)
Task: {5C5FF7B2-EADB-4C08-BE74-460525D8D600} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-03-09] (IObit)
Task: {61455F4A-A17F-46CD-AE5D-46DD904C9257} - System32\Tasks\Driver Booster SkipUAC (Myškec) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-03-09] (IObit)
Task: {90C2F2E4-F986-4560-83E6-6EEE046AAE51} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {94789159-6819-4A9D-802D-6CDFA5608F5F} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-02-13] (IObit)
Task: {DEB2B219-FCB3-482D-BB8B-6B97409D215F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {EC1E79D5-097D-4704-A1A8-652173BBEFB4} - System32\Tasks\{C5B55782-A1E7-4E82-BEAA-3BF818AF1B19} => pcalua.exe -a E:\Desperados.exe -d E:\ -c -autorun
Task: {FAD00ECC-FFB4-473E-86AE-5EC425E379D5} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

CMD: dir %programdata%
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog

EmptyTemp:
RemoveProxy:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => Value was restored successfully.
"HKU\S-1-5-21-3102649379-3115252332-174003478-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => Key deleted successfully.
"HKU\S-1-5-21-3102649379-3115252332-174003478-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4c17f2ca-6f4d-11e4-ac11-ac220b2cb904}" => Key deleted successfully.
HKCR\CLSID\{4c17f2ca-6f4d-11e4-ac11-ac220b2cb904} => Key not found.
"HKU\S-1-5-21-3102649379-3115252332-174003478-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{651c219e-c17a-11e3-9400-ac220b2cb904}" => Key deleted successfully.
HKCR\CLSID\{651c219e-c17a-11e3-9400-ac220b2cb904} => Key not found.
"HKU\S-1-5-21-3102649379-3115252332-174003478-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9a16cc4c-4650-11e3-96f3-ac220b2cb904}" => Key deleted successfully.
HKCR\CLSID\{9a16cc4c-4650-11e3-96f3-ac220b2cb904} => Key not found.
"HKU\S-1-5-21-3102649379-3115252332-174003478-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ee67c481-b25c-11e3-bc08-ac220b2cb904}" => Key deleted successfully.
HKCR\CLSID\{ee67c481-b25c-11e3-bc08-ac220b2cb904} => Key not found.
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value not found.
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => Error setting value.
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found.
HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found.
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found.
HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found.
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found.
HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found.
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found.
HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found.
HKU\S-1-5-21-3102649379-3115252332-174003478-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found.
HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => Key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => Moved successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll not found.
C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll => Moved successfully.
C:\Users\Myškec\AppData\Roaming\Mozilla\Firefox\Profiles\nuhu0irj.default\Extensions\adremoveext@adremoveext.net => Moved successfully.
C:\Users\Myškec\AppData\Roaming\Mozilla\Firefox\Profiles\nuhu0irj.default\Extensions\iobitascsurfingprotection@iobit.com not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
C:\Users\Myškec\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => Moved successfully.
cpuz134 => Service deleted successfully.
cpuz137 => Service deleted successfully.

========================= Folder: C:\ProgramData\ProductData ========================

2015-04-15 15:46 - 2015-04-15 15:46 - 0000030 _____ () C:\ProgramData\ProductData\db2Stat.ini
2015-04-15 15:46 - 2015-04-15 17:24 - 0000229 _____ () C:\ProgramData\ProductData\StatCache.db

====== End of Folder: ======

C:\Windows\Tasks\*.job => Moved successfully.

Při pokusu o odstranění zadaného datového prvku došlo k chybě.
Prvek nebyl nalezen.

Při pokusu o odstranění zadaného datového prvku došlo k chybě.
Prvek nebyl nalezen.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{051FF351-D1A6-4335-A621-51E601D7E96E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{051FF351-D1A6-4335-A621-51E601D7E96E}" => Key deleted successfully.
C:\Windows\System32\Tasks\SmartDefrag3_Update => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag3_Update" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D235D3B-9CF7-4732-BCFC-94CFA0FEEF29} => Key not found.
C:\Windows\System32\Tasks\Driver Booster Update not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Update => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C5FF7B2-EADB-4C08-BE74-460525D8D600}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C5FF7B2-EADB-4C08-BE74-460525D8D600}" => Key deleted successfully.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (SYSTEM)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61455F4A-A17F-46CD-AE5D-46DD904C9257}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61455F4A-A17F-46CD-AE5D-46DD904C9257}" => Key deleted successfully.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Myškec) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Myškec)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90C2F2E4-F986-4560-83E6-6EEE046AAE51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90C2F2E4-F986-4560-83E6-6EEE046AAE51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94789159-6819-4A9D-802D-6CDFA5608F5F} => Key not found.
C:\Windows\System32\Tasks\Driver Booster Scan not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scan => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DEB2B219-FCB3-482D-BB8B-6B97409D215F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEB2B219-FCB3-482D-BB8B-6B97409D215F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC1E79D5-097D-4704-A1A8-652173BBEFB4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC1E79D5-097D-4704-A1A8-652173BBEFB4}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C5B55782-A1E7-4E82-BEAA-3BF818AF1B19} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C5B55782-A1E7-4E82-BEAA-3BF818AF1B19}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FAD00ECC-FFB4-473E-86AE-5EC425E379D5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAD00ECC-FFB4-473E-86AE-5EC425E379D5}" => Key deleted successfully.
C:\Windows\System32\Tasks\SidebarExecute => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SidebarExecute" => Key deleted successfully.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.

========= dir %programdata% =========

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je E2A3-9357.

Výpis adresáře C:\ProgramData

23.03.2015 09:57 <DIR> .mono
20.01.2014 16:50 <DIR> Adobe
01.07.2014 15:03 <DIR> AVAST Software
24.04.2014 17:00 <DIR> AVG
28.05.2014 15:22 <DIR> AVG2014
24.05.2014 15:00 <DIR> Blizzard Entertainment
24.01.2015 10:25 <DIR> boost_interprocess
12.04.2015 20:13 <DIR> clicKKit
25.03.2015 16:05 <DIR> DAEMON Tools Lite
05.11.2013 21:44 <DIR> DAEMON Tools Pro
18.01.2014 23:16 <DIR> Electronic Arts
13.04.2015 20:30 <DIR> ESET
27.03.2015 20:38 <DIR> IObit
30.10.2014 17:07 <DIR> Malwarebytes
16.06.2014 20:17 <DIR> McAfee
19.06.2014 21:12 <DIR> McAfee Security Scan
28.05.2014 15:22 <DIR> MFAData
13.03.2015 04:10 <DIR> Microsoft Help
05.11.2013 21:55 <DIR> Mozilla
10.04.2015 19:06 <DIR> NVIDIA
14.04.2015 20:23 <DIR> NVIDIA Corporation
10.08.2014 21:05 <DIR> Orbit
04.04.2015 14:34 <DIR> Origin
15.04.2015 15:46 <DIR> ProductData
14.12.2014 16:32 <DIR> RELOADED
30.03.2015 15:29 <DIR> Skype
23.03.2014 19:28 <DIR> Steam
12.04.2015 20:16 <DIR> taKKEsave
10.06.2014 17:50 <DIR> TEMP
Souborů: 0, Bajtů: 0
Adresářů: 29, Volných bajtů: 881 943 519 232

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {1DBC9E0F-0FC0-4878-B3CE-9C04ED92F525}.
Unable to cancel {BE9A0D95-2594-4C13-9452-6589A491B253}.
0 out of 2 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Katalog Winsock byl úspěšně resetován.
K dokončení resetování je nutné restartovat počítač.


========= End of CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-3102649379-3115252332-174003478-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.


========= End of RemoveProxy: =========

EmptyTemp: => Removed 433.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog 19:29:47 ====

