
Hello, please check my log

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Hello, please check my log

#16 Post by altrok »

→ Uninstall the old and vulnerable version of Java, Java 7 Update 45. If you need Java, install the new one from java.com - watch out for adware during its installation http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . From a security standpoint (exploits) it is better not to have it.

→ Permanently turn off Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-2046514427-3509041855-1997376595-1002\...\Run: [DAEMON Tools Lite] => D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-2046514427-3509041855-1997376595-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-07] (AVG Technologies)
    S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
    
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d01ac4d4cebf30.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Hosts:
    EmptyTemp:
    End
    
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok at forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

Spike12
Visitor
Posts: 26
Registered: 27 Feb 2015 15:48

Re: Hello, please check my log

#17 Post by Spike12 »

Hello, here is the log

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-03-2015
Ran by uzivatel at 2015-03-03 23:05:43 Run:1
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel (Available profiles: uzivatel)
Boot Mode: Safe Mode (with Networking)
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2046514427-3509041855-1997376595-1002\...\Run: [DAEMON Tools Lite] => D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2046514427-3509041855-1997376595-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-07] (AVG Technologies)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d01ac4d4cebf30.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Error: Restore point can only be created in normal mode.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-2046514427-3509041855-1997376595-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2046514427-3509041855-1997376595-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
avgtp => Service stopped successfully.
avgtp => Service deleted successfully.
cleanhlp => Service deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d01ac4d4cebf30.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 404.5 MB temporary data.


The system needed a reboot.

==== End of Fixlog 23:05:44 ====

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Hello, please check my log

#18 Post by altrok »

Has the situation improved? Post a new FRST log.

Spike12
Visitor
Posts: 26
Registered: 27 Feb 2015 15:48

Re: Hello, please check my log

#19 Post by Spike12 »

So the situation has improved a bit. Just yesterday, in normal mode, I couldn't run some of the utilities that are here on the site, e.g. FRST, Combo, etc.; I had to do everything in safe mode, and the command prompt wasn't working properly either. I also tried running a scan from the command prompt, and it looks like the things you advised helped: in normal mode all icons and programs can now be launched.
I'd also like to ask: if the antimalware found nothing, then there probably shouldn't be any virus here? Alternatively, could we still give the computer a thorough cleaning with some utility? For now, thank you very much for the help.

So here is the log I mentioned

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2015
Ran by uzivatel (administrator) on ASUS_P41S_03 on 04-03-2015 10:28:41
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel (Available profiles: uzivatel)
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AuthenTec, Inc) C:\Program Files\TrueSuite\TrueSuite.Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AuthenTec Inc.) C:\Program Files\TrueSuite\TrueSuite.TouchControl.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AuthenTec, Inc.) C:\Program Files\TrueSuite\TrueSuite.ClientAppLogonExe.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AuthenTec, Inc.) C:\Program Files\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(CANON INC.) C:\Program Files\Canon\DIAS\CnxDIAS.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\ExpressGateUtil\VAWinAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Apple Inc.) D:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\ExpressGateUtil\VAWinService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-08-11] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2712360 2011-03-04] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-03-04] (Synaptics Incorporated)
HKLM\...\Run: [ClientAppLogon] => C:\Program Files\TrueSuite\TrueSuite.ClientAppLogonExe.exe [420672 2010-11-12] (AuthenTec, Inc.)
HKLM\...\Run: [ClientAppLogon32] => C:\Program Files\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe [307520 2010-11-12] (AuthenTec, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2918656 2011-01-12] (ESET)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [VAWinAgent] => C:\ExpressGateUtil\VAWinAgent.exe [191304 2011-01-13] ()
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2046514427-3509041855-1997376595-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2046514427-3509041855-1997376595-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [156840 2014-11-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-11-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk
ShortcutTarget: Lingea Update Center.lnk -> C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe (Lingea)
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [TSFPLOlayIcon] -> {F4DD9208-8229-492D-BCBF-2955F7AC38F4} => C:\Program Files\TrueSuite\TrueSuite.FPLOlayIcon.dll (AuthenTec, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2046514427-3509041855-1997376595-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-2046514427-3509041855-1997376595-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: TrueSuite WebStore -> {5cb2b77d-c8ca-44db-af20-a7a4df462a12} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\TrueSuite\TrueSuite.IEBHO.dll (AuthenTec Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: TrueSuite WebStore -> {5cb2b77d-c8ca-44db-af20-a7a4df462a12} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\TrueSuite\x86\TrueSuite.IEBHO.dll (AuthenTec Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2046514427-3509041855-1997376595-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\uzivatel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2046514427-3509041855-1997376595-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Extension: TrueSuite Website Log On - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon_toolbar@truesuite.com [2014-12-18]
FF Extension: TrueSuite WebStore - C:\Program Files (x86)\Mozilla Firefox\extensions\webstore@truesuite.com [2014-12-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-09-19]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-05]
CHR Extension: (No Name) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\akmghomonnhljmlfemmifjblglkacfhg [2015-01-11]
CHR Extension: (No Name) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-05]
CHR Extension: (No Name) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04]
CHR Extension: (No Name) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-04]
CHR Extension: (No Name) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-05]
CHR Extension: (No Name) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlkdblcdkgeeeiegonlgdiifmjnkejhh [2015-01-05]
CHR Extension: (Google Wallet) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-20]
CHR Extension: (Website Logon) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokdoppleiafjmfmggefbkghfblaplo [2014-12-20]
CHR Extension: (Gmail) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-04]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [oiokdoppleiafjmfmggefbkghfblaplo] - C:\Program Files\TrueSuite\x86\tschrome.crx [2010-10-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AFBAgent; C:\Windows\system32\FBAgent.exe [377264 2010-09-30] (ASUSTeK Computer Inc.) [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [5217168 2014-03-18] (CANON INC.)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2011-01-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [810144 2011-01-12] (ESET)
R2 FPLService; C:\Program Files\TrueSuite\TrueSuite.Service.exe [290112 2010-11-12] (AuthenTec, Inc)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-01-12] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 assd; C:\Windows\System32\Drivers\assd.sys [27264 2010-04-28] (ASUS Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-31] (Disc Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [170640 2010-12-21] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-12-21] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [125296 2010-12-21] (ESET)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2015-03-01] ()
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-04 10:28 - 2015-03-04 10:28 - 00021203 _____ () C:\Users\uzivatel\Desktop\FRST.txt
2015-03-04 08:56 - 2015-03-04 08:56 - 00000000 ___RD () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-03-03 23:40 - 2015-03-03 23:40 - 00003282 _____ () C:\Windows\System32\Tasks\{15E42DBE-0842-45B3-AC46-58401A7B05FD}
2015-03-03 08:45 - 2015-03-04 10:28 - 00000000 ____D () C:\FRST
2015-03-03 08:40 - 2015-03-03 08:40 - 02092544 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2015-03-03 00:32 - 2015-03-03 00:32 - 00018614 _____ () C:\ComboFix.txt
2015-03-02 23:51 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-02 23:51 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-02 23:51 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-02 23:51 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-02 23:51 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-02 23:51 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-02 23:51 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-02 23:51 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-02 23:27 - 2015-03-03 00:32 - 00000000 ____D () C:\Qoobox
2015-03-02 23:27 - 2015-03-03 00:30 - 00000000 ____D () C:\Windows\erdnt
2015-03-02 23:24 - 2015-03-02 23:24 - 05612482 ____R (Swearware) C:\Users\uzivatel\Desktop\ComboFix.exe
2015-03-02 11:46 - 2015-03-02 11:51 - 313692438 _____ () C:\Users\uzivatel\Downloads\FL-Studio-11.0.2-+-Crack--+-Blocks.rar
2015-03-01 15:40 - 2015-03-01 15:40 - 00003932 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-01 15:40 - 2015-03-01 15:40 - 00003680 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d01ac4d4cebf30
2015-03-01 15:31 - 2015-03-01 15:22 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-03-01 15:23 - 2015-03-02 08:58 - 00010048 _____ () C:\zoek-results.log
2015-03-01 15:22 - 2015-03-01 15:30 - 00000000 ____D () C:\zoek_backup
2015-03-01 15:21 - 2015-03-01 15:21 - 01304576 _____ () C:\Users\uzivatel\Desktop\zoek.exe
2015-03-01 15:12 - 2015-03-01 15:12 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-01 15:12 - 2015-03-01 15:12 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-03-01 15:10 - 2015-03-01 15:10 - 00000845 _____ () C:\Users\uzivatel\Desktop\JRT.txt
2015-03-01 14:49 - 2015-03-01 14:50 - 18687064 _____ () C:\Users\uzivatel\Desktop\RogueKillerX64.exe
2015-03-01 14:49 - 2015-03-01 14:49 - 01388274 _____ (Thisisu) C:\Users\uzivatel\Desktop\JRT.exe
2015-03-01 14:20 - 2015-03-01 14:20 - 02126848 _____ () C:\Users\uzivatel\Desktop\AdwCleaner.exe
2015-03-01 14:20 - 2015-03-01 14:20 - 00448512 _____ (OldTimer Tools) C:\Users\uzivatel\Downloads\TFC.exe
2015-03-01 14:19 - 2015-03-01 14:19 - 00050688 _____ (Atribune.org) C:\Users\uzivatel\Downloads\ATF-Cleaner.exe
2015-03-01 10:24 - 2015-03-04 10:18 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-01 10:24 - 2015-03-01 10:24 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-01 10:24 - 2015-03-01 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-01 10:24 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-01 10:24 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-01 10:24 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-28 20:01 - 2015-02-28 20:09 - 00095124 _____ () C:\Users\uzivatel\Downloads\aswclnr.log
2015-02-28 20:00 - 2015-02-28 20:00 - 00407680 _____ (ALWIL Software) C:\Users\uzivatel\Downloads\aswclnr.exe
2015-02-28 19:08 - 2015-02-28 19:08 - 02347384 _____ (ESET) C:\Users\uzivatel\Downloads\esetsmartinstaller_sky.exe
2015-02-28 18:03 - 2015-02-28 18:03 - 00001402 _____ () C:\Users\uzivatel\Downloads\Undelivered-Message (1).rfc822
2015-02-28 17:55 - 2015-02-28 17:55 - 00001402 _____ () C:\Users\uzivatel\Downloads\Undelivered-Message.rfc822
2015-02-28 17:54 - 2015-03-02 09:02 - 00000000 ____D () C:\AdwCleaner
2015-02-28 16:13 - 2015-02-28 16:13 - 00000000 ____D () C:\rsit
2015-02-26 16:16 - 2015-02-26 16:16 - 00011401 _____ () C:\Users\uzivatel\Downloads\hijackthis.log
2015-02-26 15:08 - 2015-03-01 00:11 - 00000000 ____D () C:\Users\uzivatel\Downloads\backups
2015-02-25 17:50 - 2015-03-01 10:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-25 17:50 - 2015-02-25 17:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-24 18:50 - 2015-02-24 18:50 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\uzivatel\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-23 21:29 - 2015-02-23 21:29 - 01175199 _____ () C:\Users\uzivatel\Documents\Meč pravdy 04 - Kámen slz 2.txt
2015-02-21 19:47 - 2015-02-21 19:47 - 01492801 _____ () C:\Users\uzivatel\Documents\Goodkind Terry - MP 2 - Kámen slz 1 - Armáda démonů.txt
2015-02-19 11:48 - 2015-02-19 11:48 - 01123456 _____ () C:\Users\uzivatel\Documents\Goodkind Terry - MP 1 - První čarodějovo pravidlo 2 - Tři schránky Ordenu.txt
2015-02-18 12:39 - 2015-02-18 12:42 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\FullTiltPoker.eu
2015-02-14 09:43 - 2015-02-14 09:43 - 01111363 _____ () C:\Users\uzivatel\Documents\Goodkind Terry - MP 1 - První čarodějovo pravidlo 1 - Zlověstný mág.txt
2015-02-07 20:42 - 2015-02-07 20:42 - 00000000 ____D () C:\Users\uzivatel\Documents\DyingLight
2015-02-07 15:55 - 2015-03-01 00:11 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Ulozto File Manager
2015-02-04 10:32 - 2015-02-04 10:37 - 920384302 _____ () C:\Users\uzivatel\Downloads\Jak-vycvicit-draka-2-cz.avi
2015-02-02 11:07 - 2015-02-02 11:07 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Daedalic Entertainment GmbH

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-04 09:03 - 2009-07-14 05:45 - 00017120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-04 09:03 - 2009-07-14 05:45 - 00017120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-04 08:56 - 2014-12-17 19:38 - 00422064 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-04 08:56 - 2014-12-17 19:38 - 00049887 _____ () C:\Windows\setupact.log
2015-03-04 08:56 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-04 08:55 - 2014-08-31 20:16 - 01774509 _____ () C:\Windows\WindowsUpdate.log
2015-03-04 08:46 - 2011-09-19 15:12 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2015-03-03 23:33 - 2013-08-31 16:49 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-03-03 23:06 - 2014-12-18 04:54 - 00734208 _____ () C:\Windows\PFRO.log
2015-03-03 22:51 - 2014-09-23 20:49 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Deployment
2015-03-03 08:42 - 2013-04-12 12:25 - 00000000 ____D () C:\Users\uzivatel\Documents\Bluetooth Folder
2015-03-03 08:30 - 2013-09-03 05:51 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Skype
2015-03-03 00:32 - 2014-09-23 20:49 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Apps\2.0
2015-03-03 00:29 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-03-01 15:48 - 2014-12-18 14:17 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-01 15:30 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-03-01 13:44 - 2014-08-11 10:54 - 00000000 ____D () C:\Windows\Minidump
2015-03-01 10:33 - 2011-09-19 18:22 - 00001866 _____ () C:\Windows\system32\ServiceFilter.ini
2015-03-01 10:33 - 2009-07-14 09:41 - 00000000 ____D () C:\Windows\RemotePackages
2015-03-01 00:19 - 2009-07-14 06:13 - 00779306 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-01 00:13 - 2011-10-07 12:07 - 00000000 ____D () C:\Users\uzivatel
2015-03-01 00:12 - 2014-12-13 16:53 - 00000000 ____D () C:\Windows\SysWOW64\NV
2015-03-01 00:12 - 2014-02-04 08:38 - 00000000 ____D () C:\Xerox
2015-03-01 00:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-01 00:11 - 2015-01-31 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KooBits
2015-03-01 00:11 - 2015-01-17 20:37 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2015-03-01 00:11 - 2015-01-17 20:36 - 00000000 ____D () C:\Program Files (x86)\Drakensang Online
2015-03-01 00:11 - 2014-12-18 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-01 00:11 - 2014-12-18 07:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-01 00:11 - 2014-12-17 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2015-03-01 00:11 - 2014-12-17 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-01 00:11 - 2014-12-13 16:53 - 00000000 ____D () C:\Windows\system32\NV
2015-03-01 00:11 - 2014-11-14 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-01 00:11 - 2014-10-31 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Tilt Poker
2015-03-01 00:11 - 2014-10-30 13:59 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GENERALI Kalkulačka
2015-03-01 00:11 - 2014-10-20 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-01 00:11 - 2014-08-31 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
2015-03-01 00:11 - 2014-08-31 20:24 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-03-01 00:11 - 2014-08-30 19:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-01 00:11 - 2014-05-27 07:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Varengold MetaTrader
2015-03-01 00:11 - 2014-05-22 08:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-03-01 00:11 - 2014-04-24 21:31 - 00000000 ____D () C:\Users\uzivatel\Documents\FIFA MANAGER 13
2015-03-01 00:11 - 2014-03-28 23:00 - 00000000 ____D () C:\Users\uzivatel\Documents\BioWare
2015-03-01 00:11 - 2014-03-15 18:36 - 00000000 ____D () C:\Users\uzivatel\Documents\Witcher 2
2015-03-01 00:11 - 2014-02-04 08:31 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Xerox
2015-03-01 00:11 - 2014-02-04 08:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-03-01 00:11 - 2014-02-04 08:03 - 00000000 ____D () C:\LJP1100_P1560_P1600_Full_Solution
2015-03-01 00:11 - 2013-11-19 20:48 - 00000000 ____D () C:\Users\uzivatel\Documents\Lexicon
2015-03-01 00:11 - 2013-11-02 19:38 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-01 00:11 - 2013-11-02 19:18 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-03-01 00:11 - 2013-11-01 19:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-01 00:11 - 2013-09-03 10:43 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\IrfanView
2015-03-01 00:11 - 2013-04-09 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-03-01 00:11 - 2011-10-07 12:07 - 00000000 ___RD () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-01 00:11 - 2011-10-07 12:07 - 00000000 ___RD () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-01 00:11 - 2011-10-07 12:07 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\VirtualStore
2015-03-01 00:11 - 2011-10-07 06:45 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-01 00:11 - 2011-10-07 06:44 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\GHISLER
2015-03-01 00:11 - 2011-09-19 18:29 - 00000000 ____D () C:\ExpressGateUtil
2015-03-01 00:11 - 2011-09-19 18:22 - 00000000 ____D () C:\ProgramData\P4G
2015-03-01 00:11 - 2011-09-19 18:07 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-01 00:11 - 2011-09-19 18:07 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-01 00:11 - 2011-09-19 18:04 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-03-01 00:11 - 2011-09-19 17:59 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-01 00:11 - 2011-09-19 12:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-03-01 00:11 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-01 00:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-01 00:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-03-01 00:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-03-01 00:01 - 2014-12-16 20:51 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Dropbox
2015-03-01 00:01 - 2013-11-02 19:19 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\DAEMON Tools Lite
2015-03-01 00:00 - 2014-12-17 20:24 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Mozilla
2015-02-28 23:59 - 2014-12-16 22:29 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-02-28 23:59 - 2013-09-03 05:51 - 00000000 ____D () C:\ProgramData\Skype
2015-02-28 23:55 - 2014-05-22 08:15 - 00000000 ____D () C:\NVIDIA
2015-02-28 23:54 - 2014-10-30 13:59 - 00000000 ____D () C:\Generali
2015-02-28 23:54 - 2011-09-19 18:23 - 00000000 ____D () C:\eSupport
2015-02-28 23:02 - 2014-09-21 16:26 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-24 20:06 - 2015-01-06 16:26 - 00011954 _____ () C:\Users\uzivatel\Desktop\call party.xlsx
2015-02-18 12:28 - 2014-10-31 23:04 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\FullTiltPoker
2015-02-08 11:10 - 2014-05-27 11:09 - 00007597 _____ () C:\Users\uzivatel\AppData\Local\resmon.resmoncfg

==================== Files in the root of some directories =======

2013-09-03 12:45 - 2014-06-04 07:53 - 0003738 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-05-27 11:09 - 2015-02-08 11:10 - 0007597 _____ () C:\Users\uzivatel\AppData\Local\resmon.resmoncfg
2011-11-18 07:48 - 2011-11-18 08:34 - 0001112 _____ () C:\ProgramData\hpzinstall.log

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\gcapi_dll.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-26 19:12

==================== End Of Log ============================

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Hello, please check my log

#20 Post by altrok »

Did it fix things partly or completely? I no longer see any pests in the log, so I would start cleaning up. What do you say?
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrok[at]forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

Spike12
Visitor
Posts: 26
Registered: 27 Feb 2015 15:48

Re: Hello, please check my log

#21 Post by Spike12 »

Yes, so we can clean up. The state has definitely improved. Thank you for the advice so far.

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Hello, please check my log

#22 Post by altrok »

So let's clean up as well.
  • Rename ComboFix to Uninstall and run it as administrator
  • ComboFix will uninstall itself.
And if there are no questions or other problems, that is all from me.

Spike12
Visitor
Posts: 26
Registered: 27 Feb 2015 15:48

Re: Hello, please check my log

#23 Post by Spike12 »

Thank you, it looks much better. Thanks again for the help.

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Hello, please check my log

#24 Post by altrok »

You're welcome, glad I could help :worship:


Take care, and maybe see you again sometime :bye:

Locked