prosim o kontrolu

Zpráva

marek4582 · #1 Příspěvek od **marek4582** » 20 říj 2016 15:14

zdravim dostal som notebook od kamarata ktory si nan nejaky virus naistaloval a nevie sa ho zbavit sice som sa snazil niecoho zbavit len neviem ci to staci . dakujem

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
Ran by acer (administrator) on JANKA-PC (20-10-2016 16:08:43)
Running from C:\Users\acer\Desktop
Loaded Profiles: acer (Available Profiles: acer)
Platform: Windows 8.1 Connected (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Pokki) C:\Users\acer\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\DsmUserTask.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\acer\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-05] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9083840 2016-10-17] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications)
HKU\S-1-5-21-1945729122-3333265746-4215407335-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2015-01-17] (Spotify Ltd)
HKU\S-1-5-21-1945729122-3333265746-4215407335-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27009664 2016-10-09] (Skype Technologies S.A.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-24] (AVAST Software)
Startup: C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do aplikácie OneNote.lnk [2016-02-09]
ShortcutTarget: Odoslanie do aplikácie OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{12531642-F9A3-4BE6-90D0-0FAC919F2A7E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F947B0DF-9008-47E2-A3B7-84D6A23365C9}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1945729122-3333265746-4215407335-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-1945729122-3333265746-4215407335-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-1945729122-3333265746-4215407335-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1945729122-3333265746-4215407335-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-1945729122-3333265746-4215407335-1001 -> DefaultScope {6A1806CD-94D4-4689 URL =
SearchScopes: HKU\S-1-5-21-1945729122-3333265746-4215407335-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1945729122-3333265746-4215407335-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-08-18] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-18] (AVAST Software)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-24]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-24]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.facebook.com/logout.php"
CHR Profile: C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default [2016-10-20]
CHR Extension: (Prezentácie Google) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-27]
CHR Extension: (Entanglement Web App) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2016-07-27]
CHR Extension: (Dokumenty Google) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-27]
CHR Extension: (Disk Google) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-27]
CHR Extension: (YouTube) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-27]
CHR Extension: (Adblock Plus) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-24]
CHR Extension: (Google Search) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-27]
CHR Extension: (Avast Online Security) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-08-08]
CHR Extension: (A Bit Windy) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjbpfmipgelldfjkdodmghlfcooadld [2016-07-29]
CHR Extension: (Avast SafePrice) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-09-09]
CHR Extension: (Tabuľky Google) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-27]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Avast Online Security) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-21]
CHR Extension: (Poppit!) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2016-07-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-28]
CHR Extension: (Chrome Media Router) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-20]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-24] (AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-06-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [469736 2014-07-29] (Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-24] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-24] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-24] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-10-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-10-01] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-17] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-03] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-20 16:08 - 2016-10-20 16:09 - 00018226 _____ C:\Users\acer\Desktop\FRST.txt
2016-10-20 16:08 - 2016-10-20 16:08 - 00000000 ____D C:\FRST
2016-10-20 16:07 - 2016-10-20 16:07 - 00112640 _____ (forum.viry.cz) C:\Users\acer\Desktop\FRSTLauncher.exe
2016-10-20 16:05 - 2016-10-20 16:05 - 02407424 _____ (Farbar) C:\Users\acer\Desktop\FRST64.exe
2016-10-20 15:55 - 2016-10-20 15:59 - 00000000 ____D C:\AdwCleaner
2016-10-20 15:55 - 2016-10-20 15:55 - 03910208 _____ C:\Users\acer\Desktop\adwcleaner_6.030.exe
2016-10-20 12:41 - 2016-10-20 12:41 - 00003264 _____ C:\Windows\System32\Tasks\{70E7B333-12C5-448B-84B6-29EA2244B06C}
2016-10-20 12:19 - 2016-10-20 12:20 - 00077824 ____N C:\Windows\KMSEmulator.exe
2016-10-20 12:09 - 2016-10-20 12:09 - 00000000 __RHD C:\MSOCache
2016-10-20 11:45 - 2016-10-20 11:45 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2016-10-20 10:23 - 2016-10-20 10:23 - 00003486 _____ C:\Windows\System32\Tasks\AutoKMS
2016-10-20 10:22 - 2016-10-20 12:50 - 00000000 ____D C:\Windows\AutoKMS
2016-10-20 10:08 - 2016-10-20 10:08 - 00003524 _____ C:\Windows\System32\Tasks\PPI Update
2016-10-20 10:07 - 2016-10-20 10:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Toolkit Final
2016-10-17 18:59 - 2016-10-17 18:59 - 15552054 ____H C:\Users\acer\Desktop\smolko,-okuliare,-kniha-169611.icon.bmp
2016-10-17 18:07 - 2016-10-17 18:48 - 00000000 ____D C:\Users\acer\Desktop\lístky
2016-10-17 17:10 - 2016-10-17 17:10 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-10-11 18:02 - 2016-10-11 18:02 - 00000000 ____D C:\ProgramData\GeoComply
2016-10-11 16:23 - 2016-10-11 18:01 - 00000000 ____D C:\Users\acer\AppData\Local\PokerStars.EU
2016-10-11 16:23 - 2016-10-11 16:23 - 00001996 _____ C:\Users\acer\Desktop\PokerStars.eu.lnk
2016-10-11 16:23 - 2016-10-11 16:23 - 00000000 ____D C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2016-10-11 16:23 - 2016-10-11 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2016-10-11 16:21 - 2016-10-11 16:32 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2016-10-04 18:53 - 2016-10-04 18:52 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-20 16:04 - 2015-08-10 10:28 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-20 16:02 - 2015-08-10 10:36 - 00000000 ____D C:\Users\acer\AppData\Roaming\Skype
2016-10-20 15:11 - 2016-02-03 00:26 - 00000000 ____D C:\Users\acer\Desktop\Janka Želinská
2016-10-20 15:08 - 2015-07-08 03:37 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1945729122-3333265746-4215407335-1001
2016-10-20 15:07 - 2015-01-17 13:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-20 15:03 - 2014-07-25 11:12 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-10-20 15:03 - 2014-03-18 11:33 - 00000000 ____D C:\Windows\ShellNew
2016-10-20 14:58 - 2013-08-22 15:25 - 00000108 _____ C:\Windows\win.ini
2016-10-20 14:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-10-20 14:46 - 2015-08-10 10:28 - 00000958 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-20 14:46 - 2015-08-10 10:17 - 00000000 ____D C:\Users\acer\OneDrive
2016-10-20 14:45 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-20 14:42 - 2014-03-18 11:47 - 00005392 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-20 14:42 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-10-20 12:30 - 2015-08-10 10:15 - 00000000 ____D C:\Users\acer\AppData\Local\CrashDumps
2016-10-20 12:30 - 2015-08-10 08:49 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-10-20 12:21 - 2013-08-22 16:44 - 00493696 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-20 09:38 - 2016-05-08 10:27 - 00000000 ____D C:\Users\acer\AppData\Local\Microsoft Help
2016-10-20 08:36 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-10-20 07:42 - 2015-07-08 03:31 - 00000000 ____D C:\Users\acer\AppData\Local\SweetLabs App Platform
2016-10-19 20:11 - 2015-09-18 08:22 - 00000000 ___RD C:\Users\acer\Desktop\TU -Fakulta zdravotníctva a soc. práce
2016-10-17 18:59 - 2016-08-30 12:24 - 00000000 ___RD C:\Users\acer\Desktop\Knihy
2016-10-17 18:59 - 2015-09-10 16:36 - 03857920 ___SH C:\Users\acer\Desktop\Thumbs.db
2016-10-17 18:47 - 2015-12-29 17:05 - 01451520 ___SH C:\Users\acer\Downloads\Thumbs.db
2016-10-17 18:09 - 2015-08-10 10:35 - 00000000 ____D C:\ProgramData\Skype
2016-10-17 18:08 - 2015-08-10 10:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-10-17 17:46 - 2015-08-10 08:49 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-10-17 17:36 - 2015-11-19 18:16 - 00000000 ____D C:\Users\acer\AppData\Roaming\uTorrent
2016-10-17 17:36 - 2015-07-08 03:31 - 00000000 ____D C:\Users\acer
2016-10-17 16:46 - 2015-11-19 18:17 - 00000000 ____D C:\Users\acer\AppData\LocalLow\uTorrent
2016-10-17 16:15 - 2016-02-05 18:16 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2016-10-17 16:06 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-17 15:53 - 2015-07-08 03:32 - 00000000 ____D C:\Users\acer\AppData\Local\Packages
2016-10-16 18:13 - 2015-12-16 21:43 - 00000000 ____D C:\Users\acer\AppData\Roaming\vlc
2016-10-14 18:30 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-10-05 19:23 - 2016-04-30 17:09 - 00000000 ___HD C:\Users\acer\Desktop\.picasaoriginals
2016-10-04 18:53 - 2016-06-29 18:42 - 00003924 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1467218555
2016-10-04 18:53 - 2015-10-31 12:05 - 00003300 _____ C:\Windows\System32\Tasks\SweetLabs App Platform
2016-10-04 16:17 - 2015-08-10 10:30 - 00002231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-04 16:17 - 2015-08-10 10:30 - 00002219 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-01 22:33 - 2015-08-10 08:49 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-10-01 22:33 - 2015-08-10 08:49 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-09-26 18:38 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps

==================== Files in the root of some directories =======

2015-01-17 13:16 - 2015-01-17 13:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\acer\AppData\Local\Temp\COMAP.EXE
C:\Users\acer\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
C:\Users\acer\AppData\Local\Temp\oct13C5.tmp.exe
C:\Users\acer\AppData\Local\Temp\oct1B24.tmp.exe
C:\Users\acer\AppData\Local\Temp\oct28C5.tmp.exe
C:\Users\acer\AppData\Local\Temp\oct366D.tmp.exe
C:\Users\acer\AppData\Local\Temp\oct509D.tmp.exe
C:\Users\acer\AppData\Local\Temp\oct6313.tmp.exe
C:\Users\acer\AppData\Local\Temp\oct98FF.tmp.exe
C:\Users\acer\AppData\Local\Temp\octAB78.tmp.exe
C:\Users\acer\AppData\Local\Temp\octB1F.tmp.exe
C:\Users\acer\AppData\Local\Temp\octD66F.tmp.exe
C:\Users\acer\AppData\Local\Temp\octDB05.tmp.exe
C:\Users\acer\AppData\Local\Temp\octE5B6.tmp.exe
C:\Users\acer\AppData\Local\Temp\octEF77.tmp.exe
C:\Users\acer\AppData\Local\Temp\octF62F.tmp.exe
C:\Users\acer\AppData\Local\Temp\ose00000.exe
C:\Users\acer\AppData\Local\Temp\set_hZAcUIKy.exe
C:\Users\acer\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\acer\Desktop" je 37404 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#2 Příspěvek od **Rudy** » 20 říj 2016 16:24

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

VIRY.CZ

prosim o kontrolu

prosim o kontrolu

Re: prosim o kontrolu