Win32/OpenCandy.C

Posted: 09 Jul 2015 13:36
by AkremW
Hi, I have a problem: I ran ESET Online Scanner for a routine check and it found: a variant of Win32/OpenCandy.C potentially unsafe application. It popped up 3 times and I'm a little worried about it :o

Re: Win32/OpenCandy.C

Posted: 09 Jul 2015 13:44
by vyosek
Hello :)

:arrow: Delete the items ESET found

:arrow: Post a log from FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100 and we'll take a look at it

Re: Win32/OpenCandy.C

Posted: 09 Jul 2015 13:55
by AkremW
Unfortunately I can't download FRSTLauncher because both AVG and Chrome are protecting me from it :(

Re: Win32/OpenCandy.C

Posted: 09 Jul 2015 14:00
by vyosek
Then run just FRST itself, without the Launcher

Re: Win32/OpenCandy.C

Posted: 09 Jul 2015 14:05
by AkremW
This is what came up:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by Mekota (administrator) on AKREMW on 09-07-2015 15:03:40
Running from C:\Users\Mekota\Desktop
Loaded Profiles: Mekota (Available Profiles: Mekota)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4150\Agent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.5952\Battle.net.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5214632 2015-07-03] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2860080 2015-06-30] (Blizzard Entertainment)
HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-25] (Piriform Ltd)
HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\...\MountPoints2: {4b8b4c72-20f4-11e5-82ab-d850e64e6f58} - "F:\Setup.exe"
HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\...\MountPoints2: {f135ce78-d43d-11e3-8269-d850e64e6f58} - "F:\Startme.exe"
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-05] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{B91F09F1-E941-4F9A-BCD7-44808DFAF761}: [DhcpNameServer] 213.46.172.36 213.46.172.37

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_191.dll [2015-07-08] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_191.dll [2015-07-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-26] (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-05-23] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1310209220-2229981774-3597418213-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mekota\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-07] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1310209220-2229981774-3597418213-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-05-23] (Pando Networks)

Chrome:
=======
CHR Profile: C:\Users\Mekota\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mekota\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-22]
CHR Extension: (Google Drive) - C:\Users\Mekota\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-22]
CHR Extension: (YouTube) - C:\Users\Mekota\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-22]
CHR Extension: (Assassin's Creed 4 Black Flag [FVD]) - C:\Users\Mekota\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpadpijpfghpinpafnpjlipafpahkahk [2014-08-07]
CHR Extension: (Google Search) - C:\Users\Mekota\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-22]
CHR Extension: (AdBlock) - C:\Users\Mekota\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-28]
CHR Extension: (Google Wallet) - C:\Users\Mekota\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-22]
CHR Extension: (Gmail) - C:\Users\Mekota\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [1656464 2013-08-13] (ASUSTeK Computer Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3259304 2015-07-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2015-07-03] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [967040 2015-04-29] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174624 2015-01-27] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-02-28] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-03-04] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-03-04] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [287208 2015-05-27] (AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-07-08] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-09 15:03 - 2015-07-09 15:03 - 00015896 _____ C:\Users\Mekota\Desktop\FRST.txt
2015-07-09 15:03 - 2015-07-09 15:03 - 00000000 ____D C:\FRST
2015-07-09 14:53 - 2015-07-09 14:53 - 02112512 _____ (Farbar) C:\Users\Mekota\Desktop\FRST64.exe
2015-07-09 14:20 - 2015-07-09 14:20 - 226607624 _____ (COMODO) C:\Users\Mekota\Desktop\cfw_installer_6106_53.exe
2015-07-09 00:07 - 2015-07-09 00:07 - 00000000 ____D C:\Users\Mekota\AppData\Local\SKIDROW
2015-07-09 00:03 - 2015-07-09 00:03 - 00000854 _____ C:\Users\Public\Desktop\Mark of the Ninja Special Edition.lnk
2015-07-09 00:03 - 2015-07-09 00:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mark Of The Ninja
2015-07-09 00:00 - 2015-06-28 10:30 - 00000000 ____D C:\Users\Mekota\Desktop\Viktor Sheen & Renne Dang - Projekt Asia (2015)
2015-07-08 19:45 - 2015-07-08 19:45 - 00000000 ____D C:\Users\Mekota\AppData\Local\Disc_Soft_Ltd
2015-07-08 19:38 - 2015-07-08 19:38 - 00000000 ____D C:\Program Files (x86)\Disc Soft
2015-07-08 19:37 - 2015-07-08 19:39 - 00000000 ____D C:\Users\Mekota\AppData\Roaming\DAEMON Tools Lite
2015-07-08 19:37 - 2015-07-08 19:38 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2015-07-08 19:37 - 2015-07-08 19:37 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-07-08 19:37 - 2015-07-08 19:37 - 00001785 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-07-08 19:37 - 2015-07-08 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-07-08 19:37 - 2015-07-08 19:37 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-07-08 19:36 - 2015-07-08 19:36 - 00000000 ____D C:\ProgramData\DAEMON Tools Ultra
2015-07-08 19:33 - 2015-07-08 19:33 - 00000712 _____ C:\Users\Mekota\Desktop\Hry instal..lnk
2015-07-03 17:55 - 2015-07-03 18:53 - 1047494656 _____ C:\Users\Mekota\Desktop\HUNGER-GAMES-SÍLA-VZDORU-1.-část-2014-CZ-dabing.avi
2015-06-28 16:20 - 2015-06-28 20:06 - 1619687594 _____ C:\Users\Mekota\Desktop\Hunger Games Vrazedna pomsta 2013 DVD CZ Dabing.avi
2015-06-28 13:43 - 2015-06-28 13:43 - 00000773 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2015-06-27 18:04 - 2015-06-27 18:04 - 00000000 ____D C:\Program Files\Common Files\AV
2015-06-19 17:30 - 2015-06-19 17:30 - 00000000 ____D C:\Users\Mekota\Documents\Electronic Arts
2015-06-19 15:36 - 2015-06-19 15:36 - 00000896 _____ C:\Users\Mekota\Desktop\µTorrent.lnk
2015-06-19 15:34 - 2015-07-09 14:51 - 00000000 ____D C:\Users\Mekota\AppData\Roaming\uTorrent
2015-06-17 14:26 - 2015-06-17 21:20 - 992569344 _____ C:\Users\Mekota\Desktop\Hunger Games .2012 DVDRip CZ Dabing.avi
2015-06-10 00:02 - 2015-06-10 00:05 - 00000000 ____D C:\Users\Mekota\Desktop\NowSmart Recordings
2015-06-10 00:01 - 2015-06-10 00:01 - 00001959 _____ C:\Users\Public\Desktop\Audio Record Wizard.lnk
2015-06-10 00:01 - 2015-06-10 00:01 - 00000000 ____D C:\Users\Mekota\AppData\Local\arw
2015-06-10 00:01 - 2015-06-10 00:01 - 00000000 ____D C:\ProgramData\TEMP
2015-06-10 00:01 - 2015-06-10 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Record Wizard
2015-06-10 00:01 - 2015-06-10 00:01 - 00000000 ____D C:\Program Files (x86)\Audio Record Wizard
2015-06-09 23:39 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-09 23:39 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-09 23:39 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-09 23:39 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-09 23:39 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-09 23:39 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-09 23:39 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-09 23:39 - 2015-04-09 00:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml
2015-06-09 23:39 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-06-09 23:39 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-06-09 23:39 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-06-09 23:39 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-06-09 23:39 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-06-09 23:39 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-06-09 23:38 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-09 23:38 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-09 23:38 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-09 23:38 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-09 23:38 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-09 23:38 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-09 23:38 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-09 23:38 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-09 23:38 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-09 23:38 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-09 23:38 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-09 23:38 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-09 23:38 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-09 23:38 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-09 23:38 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-09 23:38 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-09 23:38 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-09 23:38 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-09 23:38 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-09 23:38 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-09 23:38 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-09 23:38 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-09 23:38 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-09 23:38 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-09 23:38 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-09 23:38 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-09 23:38 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-09 23:38 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-09 23:38 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-09 23:38 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-09 23:38 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-09 23:38 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-09 23:38 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-09 23:38 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-09 23:38 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-09 23:38 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-09 23:38 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-09 23:38 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-09 23:38 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-09 23:38 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-09 23:38 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-09 23:38 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-09 23:38 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-09 23:38 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-09 23:38 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-09 23:38 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-09 23:38 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-06-09 23:38 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-06-09 23:38 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-06-09 23:38 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-06-09 23:38 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-06-09 23:38 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-06-09 23:38 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-06-09 23:38 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-06-09 23:38 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-06-09 23:38 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-06-09 23:38 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-06-09 23:38 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-06-09 23:38 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-06-09 23:38 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-06-09 23:38 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-06-09 23:38 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-06-09 23:38 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-06-09 23:38 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-06-09 23:38 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-06-09 23:38 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-06-09 23:38 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-09 15:02 - 2014-10-08 14:54 - 01856835 _____ C:\Windows\WindowsUpdate.log
2015-07-09 15:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-09 14:59 - 2014-04-16 17:06 - 00000000 ____D C:\Users\Mekota\AppData\Local\Battle.net
2015-07-09 14:52 - 2014-04-16 11:31 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1310209220-2229981774-3597418213-1001
2015-07-09 14:48 - 2014-04-22 22:06 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-09 14:21 - 2014-04-16 14:26 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-09 13:45 - 2014-04-16 11:30 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-09 13:45 - 2013-08-23 00:08 - 00738682 _____ C:\Windows\system32\perfh005.dat
2015-07-09 13:45 - 2013-08-23 00:08 - 00151404 _____ C:\Windows\system32\perfc005.dat
2015-07-09 13:42 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-09 13:41 - 2014-04-16 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-07-09 13:41 - 2014-04-16 14:37 - 00000000 ____D C:\ProgramData\MFAData
2015-07-09 13:39 - 2015-02-01 21:31 - 00016403 _____ C:\Windows\setupact.log
2015-07-09 13:39 - 2014-04-22 22:06 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-09 13:39 - 2014-04-16 15:33 - 00000000 ___DO C:\Users\Mekota\SkyDrive
2015-07-09 13:39 - 2014-04-16 11:26 - 00000000 ____D C:\Users\Mekota
2015-07-09 13:38 - 2014-04-16 11:31 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-09 13:38 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-09 00:09 - 2014-04-16 19:54 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-08 21:53 - 2015-02-24 15:29 - 00019954 _____ C:\Windows\PFRO.log
2015-07-08 21:53 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-08 21:50 - 2014-08-14 23:55 - 00000000 ____D C:\Users\Mekota\AppData\Roaming\vlc
2015-07-08 20:21 - 2014-04-16 14:26 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-08 19:43 - 2014-12-07 00:00 - 00000000 ____D C:\ProgramData\Skype
2015-07-08 19:42 - 2015-01-19 00:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2015-07-08 19:42 - 2014-10-23 15:27 - 00000000 ____D C:\Program Files\OBS
2015-07-08 19:42 - 2014-10-23 15:27 - 00000000 ____D C:\Program Files (x86)\OBS
2015-07-08 19:40 - 2014-05-12 17:28 - 00000000 ____D C:\Program Files (x86)\Sony
2015-07-08 19:33 - 2014-04-16 14:51 - 00665088 ___SH C:\Users\Mekota\Desktop\Thumbs.db
2015-07-08 16:28 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-07-08 16:24 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-30 23:48 - 2014-04-16 14:44 - 00000000 ____D C:\Users\Mekota\AppData\Roaming\TS3Client
2015-06-30 16:14 - 2013-08-22 16:44 - 00478424 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-30 13:51 - 2014-04-16 17:06 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-28 17:50 - 2014-04-28 16:24 - 00000000 ____D C:\Users\Mekota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-28 17:46 - 2015-02-16 19:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-28 17:45 - 2015-02-16 19:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-06-28 17:45 - 2013-08-23 00:10 - 00000000 ____D C:\Windows\ShellNew
2015-06-28 17:44 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-28 17:44 - 2013-08-22 15:25 - 00000076 _____ C:\Windows\win.ini
2015-06-28 16:24 - 2014-05-29 21:10 - 00000000 ____D C:\ProgramData\Origin
2015-06-27 18:06 - 2014-12-26 01:12 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-20 05:02 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-20 05:02 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-19 16:24 - 2014-04-16 11:26 - 00000000 ____D C:\Users\Mekota\AppData\Local\Packages
2015-06-17 19:06 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-06-15 21:24 - 2014-04-16 17:46 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-06-15 21:17 - 2015-04-16 22:49 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-15 21:17 - 2015-03-22 22:36 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-15 21:17 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-06-15 21:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-15 11:33 - 2014-04-16 12:07 - 00000000 ____D C:\Windows\system32\MRT
2015-06-15 11:28 - 2014-04-16 12:07 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 00:44 - 2015-06-08 22:24 - 00000000 ____D C:\Users\Mekota\Desktop\Mobil záloha

==================== Files in the root of some directories =======

2014-04-16 11:50 - 2014-04-16 11:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Mekota\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-28 17:56

==================== End of log ============================

Re: Win32/OpenCandy.C

Posted: 09 Jul 2015 14:57
by vyosek
:arrow: Uninstall Spybot - Search & Destroy 2 - its best years are long behind it and it cannot cope with current threats

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2860080 2015-06-30] (Blizzard Entertainment)
    HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-25] (Piriform Ltd)
    HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
    HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\...\MountPoints2: {4b8b4c72-20f4-11e5-82ab-d850e64e6f58} - "F:\Setup.exe" 
    HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\...\MountPoints2: {f135ce78-d43d-11e3-8269-d850e64e6f58} - "F:\Startme.exe" 
    BootExecute: autocheck autochk * sdnclean64.exe
    
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    
    C:\Program Files (x86)\Spybot - Search & Destroy 2
    2015-07-09 15:03 - 2015-07-09 15:03 - 00015896 _____ C:\Users\Mekota\Desktop\FRST.txt
    2015-07-09 14:20 - 2015-07-09 14:20 - 226607624 _____ (COMODO) C:\Users\Mekota\Desktop\cfw_installer_6106_53.exe
    2015-07-09 14:48 - 2014-04-22 22:06 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-07-09 14:21 - 2014-04-16 14:26 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Re: Win32/OpenCandy.C

Posted: 09 Jul 2015 15:06
by AkremW
so this is the final result

Fix result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Mekota at 2015-07-09 16:00:25 Run:1
Running from C:\Users\Mekota\Desktop
Loaded Profiles: Mekota (Available Profiles: Mekota)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2860080 2015-06-30] (Blizzard Entertainment)
HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-25] (Piriform Ltd)
HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\...\MountPoints2: {4b8b4c72-20f4-11e5-82ab-d850e64e6f58} - "F:\Setup.exe"
HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\...\MountPoints2: {f135ce78-d43d-11e3-8269-d850e64e6f58} - "F:\Startme.exe"
BootExecute: autocheck autochk * sdnclean64.exe

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-07-09 15:03 - 2015-07-09 15:03 - 00015896 _____ C:\Users\Mekota\Desktop\FRST.txt
2015-07-09 14:20 - 2015-07-09 14:20 - 226607624 _____ (COMODO) C:\Users\Mekota\Desktop\cfw_installer_6106_53.exe
2015-07-09 14:48 - 2014-04-22 22:06 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-09 14:21 - 2014-04-16 14:26 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SDTray => value not found.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => key not found.
HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Battle.net => value removed successfully
HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
"HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b8b4c72-20f4-11e5-82ab-d850e64e6f58}" => key removed successfully
HKCR\CLSID\{4b8b4c72-20f4-11e5-82ab-d850e64e6f58} => key not found.
"HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f135ce78-d43d-11e3-8269-d850e64e6f58}" => key removed successfully
HKCR\CLSID\{f135ce78-d43d-11e3-8269-d850e64e6f58} => key not found.
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
SDScannerService => Service not found.
SDUpdateService => Service not found.
SDWSCService => Service not found.
EagleX64 => Service removed successfully
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully.
C:\Users\Mekota\Desktop\FRST.txt => moved successfully.
C:\Users\Mekota\Desktop\cfw_installer_6106_53.exe => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 3.8 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 16:00:56 ====
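
Added example, not part of the thread and not FRST's own tooling: a small Python parser that groups the `=>` result lines of a Fixlog.txt into entries that were already absent and entries the fix actually changed, so the changed ones can be reviewed. The sample lines are copied from the Fixlog above; the category names and function names are this example's own.

```python
import re
from collections import defaultdict

# Constructed sample: result lines copied verbatim from the Fixlog posted above.
SAMPLE_FIXLOG = r"""
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SDTray => value not found.
HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Battle.net => value removed successfully
"HKU\S-1-5-21-1310209220-2229981774-3597418213-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b8b4c72-20f4-11e5-82ab-d850e64e6f58}" => key removed successfully
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
SDScannerService => Service not found.
EagleX64 => Service removed successfully
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 3.8 GB temporary data Removed.
"""

# "<target> => <outcome>", target optionally wrapped in double quotes.
RESULT = re.compile(r'^"?(?P<target>.+?)"?\s+=>\s+(?P<outcome>.+?)\.?$')

def classify(outcome):
    """Map FRST's outcome text to a coarse category (names are this example's own)."""
    low = outcome.lower()
    if "not found" in low:
        return "absent"       # nothing to act on, e.g. already uninstalled
    if re.search(r"\b(removed|moved|restored)\b", low):
        return "changed"      # the system was modified; review these
    return "other"

def parse_fixlog(text):
    """Group the targets of every '=>' result line by category."""
    groups = defaultdict(list)
    for line in text.splitlines():
        m = RESULT.match(line.strip())
        if m:
            groups[classify(m["outcome"])].append(m["target"])
    return dict(groups)

def autorun_changes(groups):
    """Changed targets that are Run-key values, i.e. removed startup entries."""
    return [t for t in groups.get("changed", []) if r"\CurrentVersion\Run\\" in t]

if __name__ == "__main__":
    for category, targets in parse_fixlog(SAMPLE_FIXLOG).items():
        print(category, len(targets))
        for t in targets:
            print("   ", t)
```

On the full Fixlog the "absent" group is where the Spybot Run value, Winlogon key and services land, while the "changed" group lists what would have to be restored if a removed startup entry turns out to be wanted.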

Re: Win32/OpenCandy.C

Posted: 09 Jul 2015 15:07
by vyosek
Now let's clean up as well :James008:

:arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner https://www.piriform.com/ccleaner/download/standard
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix selected issues - I recommend making a registry backup; fix all the issues
  • repeat until no problems are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Re: Win32/OpenCandy.C

Posted: 09 Jul 2015 15:10
by AkremW
And it's cleaned up :all_coholic: one last question: do you think my computer is more or less "clean" now? :)

Re: Win32/OpenCandy.C

Posted: 15 Jul 2015 14:29
by vyosek
Yep, it should be clean now, squeaky clean...