
Please help

igor_g
Visitor
Posts: 30
Registered: 15 Dec 2008 15:11

Re: Please help

#16 Post by igor_g »

On the D: drive I have nothing that would be harmful, e.g. photos and correspondence.

altrok
Moderator
Posts: 7315
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please help

#17 Post by altrok »

Typ skenu: Sken hrozeb
Uplynulý čas: 8 min, 9 sek

You only ran a threat scan, but even this quick scan has trimmed your collection of vermin a bit...
Delete the findings or move them to quarantine, and then please repeat the scan exactly according to the guide (it is not for nothing that it carries a notice saying 30 minutes to several hours). Run a custom scan and select the whole C: drive (if you are sure the second drive is clean, you do not have to check D:), see the guide http://forum.viry.cz/viewtopic.php?f=29&t=137928
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrok (at) forum.viry.cz
If you feel like helping visitors to this forum, sign up for our little school.

igor_g
Visitor
Posts: 30
Registered: 15 Dec 2008 15:11

Re: Please help

#18 Post by igor_g »

The latest scan is as follows:
Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 29.1.2015
Čas skenování: 19:07:23
Protokol: posledný.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.01.29.08
Databáze rootkitů: v2015.01.14.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: I

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 573796
Uplynulý čas: 47 min, 58 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

That mystartsearch.com is still there.
Last edited by igor_g on 29 Jan 2015 21:01, edited 1 time in total.

altrok
Moderator
Posts: 7315
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please help

#19 Post by altrok »

the log is incomplete again :)

for copying logs I recommend the keyboard shortcuts
Ctrl + A (selects everything)
Ctrl + C (copies to the clipboard)
Ctrl + V (pastes from the clipboard into the location you choose... in this case into the post on the forum)

igor_g
Visitor
Posts: 30
Registered: 15 Dec 2008 15:11

Re: Please help

#20 Post by igor_g »

The program found nothing, and for copying I use those shortcuts, and the program found nothing and the log is complete.

PS
I have set it to scan once more.
Last edited by igor_g on 29 Jan 2015 21:20, edited 1 time in total.

altrok
Moderator
Posts: 7315
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please help

#21 Post by altrok »

Save AdwCleaner to the desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a normal double-click)
  • click Scan, then Clean
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply

igor_g
Visitor
Posts: 30
Registered: 15 Dec 2008 15:11

Re: Please help

#22 Post by igor_g »

Going by the time, I am sending the latest one, which is labelled AdwCleaner[S1].txt; besides this one there are 3 more there.
Thank you very much for your patience, you are nice people here.
I have one more question: if something similar to what you have been dealing with here happened to me, can I use this approach and these programs to remove this kind of mess? Pardon the expression.

# AdwCleaner v4.109 - Report created 29/01/2015 at 21:44:31
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : I - I-PC
# Running from : C:\Users\I\Desktop\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ytd video downloader
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Users\I\AppData\RoamIng\Dorrible
Folder Deleted : C:\Users\I\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen
File Deleted : C:\Users\I\AppData\RoamIng\MozIlla\FIrefox\ProfIles\wqnqzlba.default\user.js
File Deleted : C:\Users\I\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
File Deleted : C:\Users\I\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Public\Desktop\Opera.lnk
Shortcut Disinfected : C:\Users\I\Desktop\Explorer.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\I\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\I\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\I\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\I\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\I\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox (2).lnk
Shortcut Disinfected : C:\Users\I\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera12.14 1738.lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{08B397A7-4C2A-45A4-897D-8AF7B3F7FC70}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CC181C9-A6FF-4E1E-A18D-4F2B862E07C2}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\B696D3C37BD0D6C33A65D38BEC459181
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\B696D3C37BD0D6C33A65D38BEC459181
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B696D3C37BD0D6C33A65D38BEC459181
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v35.0.1 (x86 sk)

[C:\Users\I\AppData\RoamIng\MozIlla\FIrefox\ProfIles\wqnqzlba.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.alias", "mystartsearch");
[C:\Users\I\AppData\RoamIng\MozIlla\FIrefox\ProfIles\wqnqzlba.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/web/favicon.ico");
[C:\Users\I\AppData\RoamIng\MozIlla\FIrefox\ProfIles\wqnqzlba.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.name", "mystartsearch");
[C:\Users\I\AppData\RoamIng\MozIlla\FIrefox\ProfIles\wqnqzlba.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}");
[C:\Users\I\AppData\RoamIng\MozIlla\FIrefox\ProfIles\wqnqzlba.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "mystartsearch");
[C:\Users\I\AppData\RoamIng\MozIlla\FIrefox\ProfIles\wqnqzlba.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.mystartsearch.com/?type=hppp&ts=142 ... 73310431EA");
[C:\Users\I\AppData\RoamIng\MozIlla\FIrefox\ProfIles\wqnqzlba.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[C:\Users\I\AppData\RoamIng\MozIlla\FIrefox\ProfIles\wqnqzlba.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v40.0.2214.93

[C:\Users\I\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}
[C:\Users\I\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}
[C:\Users\I\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}
[C:\Users\I\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}

*************************

AdwCleaner[R0].txt - [8392 octets] - [17/10/2014 20:07:35]
AdwCleaner[R1].txt - [5745 octets] - [29/01/2015 21:42:41]
AdwCleaner[S0].txt - [7657 octets] - [17/10/2014 20:10:45]
AdwCleaner[S1].txt - [6502 octets] - [29/01/2015 21:44:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6562 octets] ##########

altrok
Moderator
Posts: 7315
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please help

#23 Post by altrok »

Has mystartsearch disappeared? Can we clean up the tools we used?

Here we only used AdwCleaner and MBAM... You can use MBAM, but now and then it deletes something it shouldn't... the same happens, rarely, with AdwCleaner too, so it is better to have some awareness of the system and its components before deleting :)

igor_g
Visitor
Posts: 30
Registered: 15 Dec 2008 15:11

Re: Please help

#24 Post by igor_g »

Has mystartsearch disappeared? It disappeared from Firefox and I was delighted, but out of curiosity I also started Chrome and, what do you know, it is still there, so I don't know whether it can still be removed; if so, please give me further advice. Thank you, I'm going to bed now, so tomorrow then, good night.

altrok
Moderator
Posts: 7315
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please help

#25 Post by altrok »

Post the FRST.txt log and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101

igor_g
Visitor
Posts: 30
Registered: 15 Dec 2008 15:11

Re: Please help

#26 Post by igor_g »

Good day, following the guide I am also attaching addition.rar, which is compressed, and the FRST log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by I (administrator) on I-PC on 30-01-2015 11:24:20
Running from C:\Users\I\Desktop
Loaded Profiles: I (Available profiles: I & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
() C:\Genius\ioCentre\GMouseService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Nero AG) D:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON\MyEpson Portal\mep.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() D:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ZONER software) D:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(EIZO Corporation) C:\Program Files (x86)\EIZO\UniColor Pro\ucpro.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595336 2014-10-01] (ESET)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe [262144 2007-03-30] (SONIX)
HKLM-x32\...\Run: [UniColor Pro] => C:\Program Files (x86)\EIZO\UniColor Pro\ucpro.exe [4420416 2014-05-09] (EIZO Corporation)
HKLM-x32\...\RunOnce: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2013-06-07] ()
HKU\S-1-5-21-587793050-2680240534-2475341652-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [458456 2014-12-19] (ZONER software)
HKU\S-1-5-21-587793050-2680240534-2475341652-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-587793050-2680240534-2475341652-1001\...\MountPoints2: E - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-18\...\Run: [Advanced SystemCare 7] => "D:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
ShellIconOverlayIdentifiers: [000BoxDesktopFileLocked] -> {C253B817-3A00-475f-A5A3-6F2DD704B48D} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [000BoxDesktopNotSynced] -> {19ACC806-F7AA-46AA-A80A-726A07CA6637} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [000BoxDesktopNotSyncedCollabs] -> {337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [000BoxDesktopSynced] -> {B7AC9C6D-F15B-4B1A-A88D-F518D13861D9} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [000BoxDesktopSyncedCollab] -> {9E48C232-F601-4E41-BB3E-16CBAF317AA4} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6141B429-35AB-4AE5-9B2A-E71BAE169201}: [NameServer] 195.146.128.60,195.146.132.59
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\I\AppData\Roaming\Mozilla\Firefox\Profiles\wqnqzlba.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> D:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Extension: Adblock Plus - C:\Users\I\AppData\Roaming\Mozilla\Firefox\Profiles\wqnqzlba.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-02]
FF Extension: YouTube Flash Video Player - C:\Users\I\AppData\Roaming\Mozilla\Firefox\Profiles\wqnqzlba.default\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2014-10-23]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hppp&ts=142 ... 73310431EA
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hppp&ts=142 ... 73310431EA"
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\I\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ads Removal) - C:\Users\I\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2015-01-29]
CHR Extension: (Peňaženka Google) - C:\Users\I\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
StartMenuInternet: Google Chrome - Chrome.exe

Opera:
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe http://www.mystartsearch.com/?type=sc&t ... 73310431EA

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-08-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-08-07] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 GeniusMouseService; C:\Genius\ioCentre\GMouseService.exe [16384 2010-03-11] () [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 HTCMonitorService; D:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-02] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703616 2012-07-26] (SEIKO EPSON CORPORATION)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2011-09-22] (Nalpeiron Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2012-03-02] (LG Electronics Inc.)
R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [57952 2013-06-07] (Advanced Micro Devices)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2012-11-06] (Advanced Micro Devices) [File not signed]
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-08-07] (BlueStack Systems)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2014-10-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2014-10-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-10-10] (ESET)
R3 gHidPnp; C:\Windows\System32\Drivers\gHidPnp.Sys [25600 2011-10-26] ()
S3 gMouUsb; C:\Windows\System32\DRIVERS\gMouUsb.sys [14336 2009-11-02] ()
R3 gMouUsb16; C:\Windows\System32\DRIVERS\gMouUsb16.sys [11776 2009-06-25] ()
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2015-01-30] ()
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
S3 LGDDCDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys [14336 2009-04-24] () [File not signed]
S3 LGII2CDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys [18432 2009-04-24] () [File not signed]
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 MSIRCOMM; C:\Windows\System32\DRIVERS\MSIRCOMM.sys [30208 2009-07-14] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10535040 2007-04-03] (Sonix Co. Ltd.)
R3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10246144 2007-04-03] (Sonix Co. Ltd.)
S3 STIrUsb; C:\Windows\System32\DRIVERS\irstusb.sys [33792 2008-01-19] (SigmaTel, Inc.)
U5 UnlockerDriver5; D:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S2 AODDriver4.2; \??\C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 11:21 - 2015-01-30 11:24 - 00019861 _____ () C:\Users\I\Desktop\FRST.txt
2015-01-30 11:19 - 2015-01-30 11:22 - 00040564 _____ () C:\Users\I\Desktop\Addition.txt
2015-01-30 11:17 - 2015-01-30 11:24 - 00000000 ____D () C:\FRST
2015-01-30 11:17 - 2015-01-30 11:16 - 02130432 _____ (Farbar) C:\Users\I\Desktop\FRST64.exe
2015-01-30 11:13 - 2015-01-30 11:15 - 00029696 _____ () C:\Users\I\AppData\Local\MSGBOX.EXE
2015-01-30 10:15 - 2015-01-30 10:15 - 00001482 _____ () C:\Users\I\Desktop\ano.txt
2015-01-29 21:22 - 2015-01-29 21:22 - 02194432 _____ () C:\Users\I\Desktop\adwcleaner_4.109.exe
2015-01-29 17:40 - 2015-01-29 17:40 - 00002133 _____ () C:\Users\I\Desktop\kontrola decka.txt
2015-01-29 15:08 - 2015-01-29 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-29 14:52 - 2015-01-29 14:52 - 00003654 _____ () C:\Windows\System32\Tasks\klcp_update
2015-01-29 14:52 - 2015-01-29 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-01-29 14:52 - 2015-01-29 14:52 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2015-01-29 14:52 - 2014-12-02 15:10 - 00260184 _____ () C:\Windows\system32\unrar64.dll
2015-01-29 14:45 - 2015-01-29 15:08 - 00002731 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-01-29 14:45 - 2015-01-29 15:08 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-29 14:12 - 2015-01-29 14:13 - 00000956 _____ () C:\Users\I\Desktop\oCam.lnk
2015-01-29 14:12 - 2015-01-29 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\oCam
2015-01-29 14:12 - 2015-01-29 14:13 - 00000000 ____D () C:\Program Files (x86)\oCam
2015-01-29 14:12 - 2015-01-29 14:12 - 00000000 ____D () C:\Users\I\Documents\oCam
2015-01-29 14:12 - 2015-01-29 14:12 - 00000000 ____D () C:\Users\I\AppData\Roaming\oCam
2015-01-29 08:06 - 2015-01-30 11:06 - 00079302 _____ () C:\Windows\PFRO.log
2015-01-28 22:46 - 2015-01-30 10:05 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-28 22:46 - 2015-01-28 22:46 - 00001107 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-28 22:46 - 2015-01-28 22:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-28 22:46 - 2015-01-28 22:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-28 22:46 - 2015-01-28 22:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-28 22:46 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-28 22:46 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-28 22:46 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-28 21:23 - 2015-01-28 21:23 - 00000512 _____ () C:\PhysicalMBR.bin
2015-01-28 21:17 - 2015-01-28 21:17 - 00602112 _____ (OldTimer Tools) C:\Users\I\Desktop\OTL.exe
2015-01-28 20:23 - 2015-01-29 14:40 - 00000000 ____D () C:\rsit
2015-01-28 19:44 - 2014-04-10 12:05 - 00041304 _____ () C:\Windows\SysWOW64\Drivers\eve.sys
2015-01-28 18:58 - 2015-01-28 18:58 - 00000000 ____D () C:\Users\I\Documents\VSO Downloader
2015-01-28 18:57 - 2015-01-28 19:44 - 00000000 ____D () C:\Program Files (x86)\vso
2015-01-28 18:57 - 2015-01-28 18:57 - 00000000 ____D () C:\ProgramData\VSO
2015-01-28 14:53 - 2015-01-30 11:06 - 00002016 _____ () C:\Windows\setupact.log
2015-01-28 14:53 - 2015-01-28 14:53 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-27 20:45 - 2015-01-27 20:45 - 00001592 _____ () C:\Users\I\Desktop\RAVCpl64.exe – zástupce (2).lnk
2015-01-27 20:28 - 2015-01-27 20:39 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-01-27 20:23 - 2015-01-27 20:33 - 00525792 _____ (Microsoft Corporation) C:\Windows\DIFxAPI.dll
2015-01-27 20:08 - 2014-12-02 15:10 - 00218712 _____ () C:\Windows\SysWOW64\unrar.dll
2015-01-27 18:43 - 2015-01-27 18:43 - 00000505 _____ () C:\Users\I\Desktop\Programy a funkce – zástupce.lnk
2015-01-27 18:41 - 2015-01-27 18:56 - 00000000 ____D () C:\Program Files\Shark007
2015-01-27 18:41 - 2015-01-27 18:41 - 00000000 ____D () C:\Program Files (x86)\Shark007
2015-01-27 18:40 - 2015-01-27 18:51 - 00000000 ____D () C:\ProgramData\Advanced
2015-01-27 18:33 - 2015-01-27 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codec Pack
2015-01-27 18:33 - 2015-01-27 18:33 - 00737280 _____ (Indigo Rose Corporation) C:\Windows\iun6002.exe
2015-01-27 18:12 - 2015-01-27 18:12 - 00001592 _____ () C:\Users\I\Desktop\RAVCpl64.exe – zástupce.lnk
2015-01-27 14:48 - 2015-01-27 14:45 - 385007268 _____ () C:\Users\I\Desktop\Google-Nik-Collection-1.1.1.1-(2014)-EN-(Ml)-+-Akti_vator.rar
2015-01-27 14:33 - 2015-01-27 14:45 - 385007268 _____ () C:\Users\I\Downloads\Google-Nik-Collection-1.1.1.1-(2014)-EN-(Ml)-+-Akti_vator.rar
2015-01-26 20:21 - 2015-01-27 21:21 - 00000000 ____D () C:\Windows\Minidump
2015-01-20 14:46 - 2015-01-20 14:46 - 00106266 _____ () C:\Users\I\Documents\cc_20150120_144606.reg
2015-01-19 17:29 - 2015-01-19 17:29 - 00000000 ____D () C:\Users\I\dwhelper
2015-01-10 16:57 - 2015-01-10 16:57 - 00001217 _____ () C:\Users\I\Desktop\LibreOffice Writer.lnk
2015-01-10 14:30 - 2015-01-10 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3
2015-01-09 17:12 - 2015-01-09 17:12 - 00054955 _____ () C:\Users\I\Desktop\Rozdiel medzi iTTL a AA režimom.odt
2015-01-09 16:35 - 2015-01-09 16:35 - 00071133 _____ () C:\Users\I\Desktop\Jak fungují americké výzvědné služby v Česku_ Svědectví bývalého příslušníka vojenské kontrarozvědky VKR, exkluzivně pro AE News! _ AE News.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 11:22 - 2013-02-10 18:29 - 00000000 ____D () C:\Users\I\AppData\Roaming\Skype
2015-01-30 11:13 - 2009-07-14 05:45 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-30 11:13 - 2009-07-14 05:45 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-30 11:12 - 2009-07-14 16:18 - 00666194 _____ () C:\Windows\system32\perfh005.dat
2015-01-30 11:12 - 2009-07-14 16:18 - 00139890 _____ () C:\Windows\system32\perfc005.dat
2015-01-30 11:12 - 2009-07-14 06:13 - 01576554 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-30 11:07 - 2013-11-09 18:25 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\CrashDumps
2015-01-30 11:06 - 2014-11-21 22:48 - 00000004 _____ () C:\Windows\SysWOW64\GVTunner.ref
2015-01-30 11:06 - 2014-10-25 20:39 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-30 11:06 - 2013-07-10 13:49 - 00000000 ____D () C:\Users\I\AppData\Local\HTC MediaHub
2015-01-30 11:06 - 2013-05-16 11:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-30 11:06 - 2013-02-09 15:27 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2015-01-30 11:06 - 2013-02-09 14:08 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-01-30 11:06 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-30 11:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\L2Schemas
2015-01-30 11:05 - 2013-08-25 20:53 - 02037991 _____ () C:\Windows\WindowsUpdate.log
2015-01-30 10:53 - 2014-10-17 20:07 - 00000000 ____D () C:\AdwCleaner
2015-01-30 10:06 - 2014-10-25 20:39 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6b9fd42787e8.job
2015-01-29 21:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\IME
2015-01-29 21:44 - 2014-02-09 15:19 - 00000747 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-29 21:44 - 2014-02-09 15:19 - 00000747 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-29 21:44 - 2013-02-19 21:32 - 00001303 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-29 21:44 - 2013-02-19 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-29 21:44 - 2013-02-09 18:21 - 00000980 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-01-29 21:44 - 2013-02-09 18:21 - 00000968 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-01-29 21:44 - 2013-02-09 17:07 - 00000936 _____ () C:\Users\I\Desktop\Explorer.lnk
2015-01-29 21:44 - 2013-02-08 22:30 - 00000966 _____ () C:\Users\I\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-29 19:05 - 2013-02-10 21:10 - 00000000 ____D () C:\Users\I\AppData\Roaming\vlc
2015-01-29 17:41 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2015-01-29 15:08 - 2013-02-10 18:29 - 00000000 ____D () C:\ProgramData\Skype
2015-01-29 14:59 - 2014-02-26 16:54 - 00007597 _____ () C:\Users\I\AppData\Local\resmon.resmoncfg
2015-01-29 14:40 - 2013-02-09 15:46 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-29 11:09 - 2013-02-10 18:56 - 00000000 ____D () C:\Windows\pss
2015-01-29 08:26 - 2013-05-05 19:38 - 00000000 ____D () C:\Windows\Downloaded Installations
2015-01-28 20:23 - 2014-10-17 18:33 - 00000000 ____D () C:\Program Files\trend micro
2015-01-27 21:22 - 2014-06-12 20:46 - 00000000 ____D () C:\Users\I\AppData\Local\CrashDumps
2015-01-27 21:22 - 2013-02-16 19:23 - 00000000 ____D () C:\Users\I\AppData\Roaming\uTorrent
2015-01-27 20:23 - 2013-02-09 15:25 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-27 18:51 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-25 13:09 - 2013-06-21 12:29 - 00000778 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-01-24 22:01 - 2013-12-05 22:25 - 00046788 _____ () C:\Users\I\Documents\GenuineFractalsConduit.log
2015-01-23 18:12 - 2013-02-13 20:01 - 00000168 _____ () C:\Users\I\AppData\Roaming\PLGComp.ini
2015-01-22 16:17 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-01-22 13:28 - 2013-02-09 10:38 - 00000000 ____D () C:\AAA
2015-01-22 12:41 - 2013-02-09 10:38 - 00000000 ____D () C:\AA
2015-01-21 13:29 - 2013-10-13 20:35 - 00000000 ____D () C:\Users\I\Desktop\LIEČENIE
2015-01-19 17:29 - 2013-02-08 22:29 - 00000000 ____D () C:\Users\I
2015-01-18 12:37 - 2013-02-11 20:32 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-01-17 15:08 - 2013-02-11 20:36 - 00000000 ____D () C:\Users\I\Desktop\CANON
2015-01-16 17:55 - 2013-02-11 20:52 - 00000000 ____D () C:\Users\I\AppData\Local\Nero
2015-01-10 16:59 - 2014-09-27 16:08 - 00075056 _____ () C:\Users\I\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-10 16:57 - 2009-07-14 05:45 - 05025328 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-10 13:58 - 2013-02-09 16:37 - 00014400 _____ () C:\Windows\SLEX99.BMS
2015-01-10 13:53 - 2013-02-09 16:37 - 00000034 _____ () C:\Windows\SLEX99.INI
2015-01-02 19:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2013-04-14 19:44 - 2013-04-14 19:44 - 0083952 _____ () C:\Program Files (x86)\Odinstalovat produkt.exe
2014-02-11 20:58 - 2014-03-25 22:13 - 0000000 _____ () C:\Users\I\AppData\Roaming\designjet
2013-02-13 20:01 - 2015-01-23 18:12 - 0000168 _____ () C:\Users\I\AppData\Roaming\PLGComp.ini
2013-04-14 19:40 - 2014-10-18 18:13 - 0000000 _____ () C:\Users\I\AppData\Roaming\Reverb
2013-04-14 19:40 - 2013-05-12 11:00 - 0000000 _____ () C:\Users\I\AppData\Roaming\Services
2013-07-03 17:34 - 2013-07-03 17:34 - 0000018 _____ () C:\Users\I\AppData\Roaming\uid.dat
2013-11-28 18:06 - 2013-11-28 21:32 - 144752885 _____ () C:\Users\I\AppData\Local\ACCCx2_2_1_260.zip.aamdownload
2013-11-28 18:06 - 2013-11-28 21:32 - 0001817 _____ () C:\Users\I\AppData\Local\ACCCx2_2_1_260.zip.aamdownload.aamd
2013-03-03 15:41 - 2013-12-17 20:50 - 0001480 _____ () C:\Users\I\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-01-30 11:13 - 2015-01-30 11:15 - 0029696 _____ () C:\Users\I\AppData\Local\MSGBOX.EXE
2014-12-25 15:17 - 2014-12-25 15:17 - 0006702 _____ () C:\Users\I\AppData\Local\recently-used.xbel
2014-02-26 16:54 - 2015-01-29 14:59 - 0007597 _____ () C:\Users\I\AppData\Local\resmon.resmoncfg
2013-04-30 19:49 - 2013-10-27 22:43 - 0001120 _____ () C:\Users\I\AppData\Local\SRDownloader.nast
2014-03-25 22:13 - 2014-03-25 22:13 - 0000000 _____ () C:\ProgramData\business-inkjet
2014-02-11 20:53 - 2014-03-25 22:13 - 0000000 ____H () C:\ProgramData\PKP_DLbx.DAT
2013-04-14 19:40 - 2013-05-12 11:00 - 0000000 ____H () C:\ProgramData\PKP_DLeo.DAT
2013-04-14 19:41 - 2014-10-17 15:34 - 0000000 ____H () C:\ProgramData\PKP_DLes.DAT
2013-04-14 19:40 - 2014-10-18 18:13 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT
2013-04-14 19:40 - 2014-10-18 18:13 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT

Files to move or delete:
====================
C:\Users\I\fix_corrupted_nef.exe
C:\Users\I\HTC Quick Root.exe


Some content of TEMP:
====================
C:\Users\I\AppData\Local\Temp\Quarantine.exe
C:\Users\I\AppData\Local\Temp\SkypeSetup.exe
C:\Users\I\AppData\Local\Temp\sqlite3.dll
C:\Users\I\AppData\Local\Temp\tmp8191.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 13:58

==================== End Of Log ============================
Attachments
Addition.rar
(10.56 KiB) Downloaded 80 times

altrok
Moderator
Posts: 7315
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: please help

#27 Post by altrok »

• Permanently turn off Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7

• Uninstall the old and vulnerable Java versions: Java 7 Update 45 (64-bit), Java 7 Update 51 and Java(TM) 6 Update 20. If you need Java, install the new one from java.com - watch out for adware during its installation: http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . From a security standpoint (exploits), it is better not to have it.

• If you don't use it, also uninstall Skype Click to Call - adware.

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart, a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply

    Start
    CloseProcesses:
    HKU\S-1-5-21-587793050-2680240534-2475341652-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [458456 2014-12-19] (ZONER software)
    HKU\S-1-5-21-587793050-2680240534-2475341652-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    HKU\S-1-5-21-587793050-2680240534-2475341652-1001\...\MountPoints2: E - E:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-18\...\Run: [Advanced SystemCare 7] => "D:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
    
    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hppp ... 73310431EA
    CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hppp&ts=1422380511&from=smt&uid=KINGSTONXSV300S37A120G_50026B73310431EA"
    CHR DefaultSearchKeyword: Default -> mystartsearch
    CHR DefaultSuggestURL: Default -> 
    CHR Extension: (Ads Removal) - C:\Users\I\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2015-01-29]
    
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    
    2015-01-30 11:21 - 2015-01-30 11:24 - 00019861 _____ () C:\Users\I\Desktop\FRST.txt
    2015-01-30 11:19 - 2015-01-30 11:22 - 00040564 _____ () C:\Users\I\Desktop\Addition.txt
    2015-01-30 11:13 - 2015-01-30 11:15 - 00029696 _____ () C:\Users\I\AppData\Local\MSGBOX.EXE
    2015-01-29 21:22 - 2015-01-29 21:22 - 02194432 _____ () C:\Users\I\Desktop\adwcleaner_4.109.exe
    2013-04-14 19:44 - 2013-04-14 19:44 - 0083952 _____ () C:\Program Files (x86)\Odinstalovat produkt.exe
    
    Task: {5ECE0A83-85A1-4E6D-AB68-0CE70D8935B6} - System32\Tasks\Driver Booster SkipUAC (I) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
    Task: {75168866-8E54-4143-99F6-BCDF278B9852} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
    Task: {86F055ED-4B8C-4A45-8478-4303DA38CBDA} - System32\Tasks\{803A8FA2-9E13-4B71-947D-AEE17357E17A} => pcalua.exe -a C:\Users\I\AppData\Local\Temp\Temp1_forteManager_V3.18.zip\Setup.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6b9fd42787e8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
    Hosts:
    EmptyTemp:
    End
    
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that don't belong on the forum, you can use altrok(at)forum.viry.cz
If you feel like helping visitors of this forum, sign up for our little school.

igor_g
Visitor
Posts: 30
Joined: 15 Dec 2008 15:11

Re: please help

#28 Post by igor_g »

Thank you, I'm attaching the log:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-01-2015
Ran by I at 2015-01-30 18:07:05 Run:1
Running from C:\Users\I\Desktop
Loaded Profiles: I (Available profiles: I & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-587793050-2680240534-2475341652-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [458456 2014-12-19] (ZONER software)
HKU\S-1-5-21-587793050-2680240534-2475341652-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-587793050-2680240534-2475341652-1001\...\MountPoints2: E - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-18\...\Run: [Advanced SystemCare 7] => "D:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hppp ... 73310431EA
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hppp&ts=142 ... 73310431EA"
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR DefaultSuggestURL: Default ->
CHR Extension: (Ads Removal) - C:\Users\I\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2015-01-29]

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

2015-01-30 11:21 - 2015-01-30 11:24 - 00019861 _____ () C:\Users\I\Desktop\FRST.txt
2015-01-30 11:19 - 2015-01-30 11:22 - 00040564 _____ () C:\Users\I\Desktop\Addition.txt
2015-01-30 11:13 - 2015-01-30 11:15 - 00029696 _____ () C:\Users\I\AppData\Local\MSGBOX.EXE
2015-01-29 21:22 - 2015-01-29 21:22 - 02194432 _____ () C:\Users\I\Desktop\adwcleaner_4.109.exe
2013-04-14 19:44 - 2013-04-14 19:44 - 0083952 _____ () C:\Program Files (x86)\Odinstalovat produkt.exe

Task: {5ECE0A83-85A1-4E6D-AB68-0CE70D8935B6} - System32\Tasks\Driver Booster SkipUAC (I) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {75168866-8E54-4143-99F6-BCDF278B9852} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {86F055ED-4B8C-4A45-8478-4303DA38CBDA} - System32\Tasks\{803A8FA2-9E13-4B71-947D-AEE17357E17A} => pcalua.exe -a C:\Users\I\AppData\Local\Temp\Temp1_forteManager_V3.18.zip\Setup.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6b9fd42787e8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-587793050-2680240534-2475341652-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value deleted successfully.
HKU\S-1-5-21-587793050-2680240534-2475341652-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => value deleted successfully.
"HKU\S-1-5-21-587793050-2680240534-2475341652-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E" => Key deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 7 => value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
C:\Users\I\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen => Moved successfully.
Synth3dVsc => Service deleted successfully.
tsusbhub => Service deleted successfully.
VGPU => Service deleted successfully.
C:\Users\I\Desktop\FRST.txt => Moved successfully.
C:\Users\I\Desktop\Addition.txt => Moved successfully.
C:\Users\I\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Users\I\Desktop\adwcleaner_4.109.exe => Moved successfully.
C:\Program Files (x86)\Odinstalovat produkt.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5ECE0A83-85A1-4E6D-AB68-0CE70D8935B6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5ECE0A83-85A1-4E6D-AB68-0CE70D8935B6}" => Key deleted successfully.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (I) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (I)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75168866-8E54-4143-99F6-BCDF278B9852}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75168866-8E54-4143-99F6-BCDF278B9852}" => Key deleted successfully.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (SYSTEM)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86F055ED-4B8C-4A45-8478-4303DA38CBDA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86F055ED-4B8C-4A45-8478-4303DA38CBDA}" => Key deleted successfully.
C:\Windows\System32\Tasks\{803A8FA2-9E13-4B71-947D-AEE17357E17A} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{803A8FA2-9E13-4B71-947D-AEE17357E17A}" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6b9fd42787e8.job => Moved successfully.
C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.2 GB temporary data.


The system needed a reboot.

==== End of Fixlog 18:07:26 ====
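
A fixlog of this length makes it easy to overlook a single action that did not succeed. The following is an added example (not part of the original thread and not FRST's own code) that sorts the result lines by outcome and lists every line without a success marker; the sample log is constructed from lines in the format shown above, and its `not found` line is hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the format of the fixlog above. The "not found"
# result line is hypothetical and only there to show a flagged entry.
SAMPLE_FIXLOG = r'''Content of fixlist:
*****************
Start
CloseProcesses:
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 7 => value deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
Chrome HomePage deleted successfully.
VGPU => Service deleted successfully.
C:\Users\I\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.2 GB temporary data.
C:\Users\I\Desktop\example.tmp => not found.


The system needed a reboot.

==== End of Fixlog 18:07:26 ====
'''

# The fixlist echo sits between two lines of asterisks; results follow the second.
SEPARATOR = re.compile(r'^\*{5,}$')

# Outcome markers as they appear in the fixlog on this page.
ACTIONS = [
    ('restored', re.compile(r'restored successfully')),
    ('reset', re.compile(r'reset successfully')),
    ('closed', re.compile(r'closed successfully')),
    ('moved', re.compile(r'Moved successfully')),
    ('removed', re.compile(r'removed successfully|^EmptyTemp: => Removed ')),
    ('deleted', re.compile(r'deleted successfully')),
]


def split_fixlog(text):
    """Return (fixlist directives, result lines) from the text of a fixlog."""
    directives, results, separators_seen = [], [], 0
    for raw in text.splitlines():
        line = raw.strip()
        if SEPARATOR.match(line):
            separators_seen += 1
            continue
        if not line or line.startswith('==== End of Fixlog'):
            continue
        if separators_seen == 1 and line not in ('Start', 'End'):
            directives.append(line)
        elif separators_seen >= 2:
            results.append(line)
    return directives, results


def classify(line):
    """Name the outcome of one result line; 'review' means no success marker."""
    for name, pattern in ACTIONS:
        if pattern.search(line):
            return name
    if line == 'The system needed a reboot.':
        return 'info'
    return 'review'


def summarize(text):
    """Count outcomes and collect the lines a helper should look at by hand."""
    directives, results = split_fixlog(text)
    counts = Counter(classify(r) for r in results)
    review = [r for r in results if classify(r) == 'review']
    return {'directives': len(directives), 'counts': dict(counts), 'review': review}


if __name__ == '__main__':
    report = summarize(SAMPLE_FIXLOG)
    print(report['directives'], 'directives;', report['counts'])
    for line in report['review']:
        print('REVIEW:', line)
```

Anything reported under `review` is simply a line the script does not recognise as a success, so it should be read by hand rather than treated as a confirmed failure.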

altrok
Moderator
Posts: 7315
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: please help

#29 Post by altrok »

The computer should now feel noticeably relieved... test it and let me know whether we should keep digging. Otherwise we'll just clean up the tools we used.

igor_g
Visitor
Posts: 30
Joined: 15 Dec 2008 15:11

Re: please help

#30 Post by igor_g »

Thank you very much, it looks like the beast is gone now. It doesn't show up when starting Chrome, Firefox or Explorer.
A few days ago I updated Skype. A friend and I use it to send each other the photos we take, and with the newest 7.x series it got so broken that it handles receiving photos by itself, without you agreeing to it.
When we found this out, we installed the older version 6.9 and then it worked fine. He still has that version, and the day before yesterday, when I wanted to connect, Skype would not let me, saying that the connection was not possible. I tried all sorts of things and nothing helped. So I then updated it to the new version and after that it worked. It's awful.
I don't know what to do to keep such beasts from getting into my PC. I do have ESET, but all sorts of things get in anyway, and I don't visit any shady sites. When a person doesn't know what the system files are, e.g. there are often several svchosts running, and now which one should not be there? One can't tell.
If you don't mind, I would like to ask you for advice on which program to use to clean the PC and avoid all kinds of junk that burdens my system and the whole PC.
Thanks once again.
