Youndoo v google chrome

Zpráva

WinslowBLewitt · #1 Příspěvek od **WinslowBLewitt** » 21 kvě 2017 14:12

Zdravím, před časem jsem odstranil s vaší pomocí youndoo, ale nevím jak se to stalo, ale mám ho zase zpátky. Mám strach abych něco neudělal špatně, proto nepostupuji, tak jak minule. Nejdřív jsem vyčistil NTB AdwCleanerem a udělal FRST.log

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-05-2017
Ran by Aleš (administrator) on ALIMER (21-05-2017 15:08:39)
Running from C:\Users\Aleš\Desktop
Loaded Profiles: Aleš (Available Profiles: Aleš)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
() C:\Users\Aleš\AppData\Roaming\ICQ\bin\icq.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-04-27] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [263232 2017-05-13] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2665212609-1086795943-2148864915-1001\...\Run: [icq.desktop] => C:\Users\Aleš\AppData\Roaming\ICQ\bin\icq.exe [26353288 2017-03-09] ()
HKU\S-1-5-21-2665212609-1086795943-2148864915-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-2665212609-1086795943-2148864915-1001\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 81.19.33.2
Tcpip\..\Interfaces\{EC25461E-1A64-4BC6-A019-98C590F12F9D}: [DhcpNameServer] 81.19.33.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2665212609-1086795943-2148864915-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.youndoo.com/?z=48116b1fd08e2f7cf2aa ... ET&type=hp"
CHR Profile: C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default [2017-05-21]
CHR Extension: (Dokumenty Google) - C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-15]
CHR Extension: (Disk Google) - C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-15]
CHR Extension: (YouTube) - C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-14]
CHR Extension: (Gmail) - C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-15]
CHR Extension: (Chrome Media Router) - C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-20]

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [264432 2017-05-13] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7396872 2017-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-04-27] (AVG Technologies CZ, s.r.o.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgbdisk; C:\Windows\system32\drivers\avgbdiska.sys [166624 2017-05-13] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [314128 2017-05-13] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [192584 2017-05-13] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\system32\drivers\avgbloga.sys [336896 2017-05-13] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [51336 2017-05-13] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\system32\drivers\avgHwid.sys [39424 2017-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [129776 2017-05-13] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [102280 2017-05-13] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [76832 2017-05-13] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\system32\drivers\avgSnx.sys [1008288 2017-05-13] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\system32\drivers\avgSP.sys [570320 2017-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\system32\drivers\avgStm.sys [160008 2017-05-13] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\system32\drivers\avgVmm.sys [340824 2017-05-13] (AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-03-09] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-03-09] (Disc Soft Ltd)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-21 15:00 - 2017-05-21 15:09 - 00009527 _____ C:\Users\Aleš\Desktop\FRST.txt
2017-05-21 14:58 - 2017-05-21 14:58 - 02429952 _____ (Farbar) C:\Users\Aleš\Desktop\FRST64.exe
2017-05-21 11:17 - 2017-05-21 11:34 - 299707998 _____ C:\Users\Aleš\Downloads\American-Horror-Story-S06E04-české-titulky-novinka.avi
2017-05-19 20:17 - 2017-05-19 20:17 - 00000000 ____D C:\Users\Aleš\AppData\Roaming\Google
2017-05-19 19:52 - 2017-05-19 19:53 - 00029696 _____ C:\Users\Aleš\AppData\Local\MSGBOX.EXE
2017-05-18 17:01 - 2017-05-18 17:01 - 00000000 ____D C:\Reimward
2017-05-16 12:33 - 2017-05-19 20:15 - 00000000 ____D C:\Terward
2017-05-13 21:23 - 2017-05-13 21:23 - 00401584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2017-05-12 16:52 - 2017-05-12 16:52 - 00000000 ____D C:\Program Files (x86)\Default Company Name
2017-05-11 20:15 - 2017-03-30 15:15 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2017-05-11 20:15 - 2017-03-30 15:15 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2017-05-11 20:15 - 2017-03-30 15:15 - 00678592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2017-05-11 20:15 - 2017-03-30 15:15 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2017-05-11 16:30 - 2017-05-11 16:30 - 00000000 _____ C:\Windows\SysWOW64\3333333
2017-05-11 16:30 - 2017-05-11 16:30 - 00000000 _____ C:\Windows\SysWOW64\1111111
2017-05-11 16:29 - 2017-05-11 16:29 - 00000000 _____ C:\Windows\SysWOW64\22
2017-05-11 16:29 - 2017-05-11 16:29 - 00000000 _____ C:\Windows\SysWOW64\11
2017-05-11 16:29 - 2017-05-11 16:29 - 00000000 _____ C:\Windows\SysWOW64\00
2017-05-10 22:28 - 2017-04-16 12:23 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2017-05-10 22:27 - 2017-04-28 23:15 - 07444824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-10 22:27 - 2017-04-26 16:06 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-05-10 22:27 - 2017-04-16 12:23 - 02176584 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-05-10 22:27 - 2017-04-16 12:23 - 01662096 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-10 22:27 - 2017-04-16 12:18 - 01135288 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-10 22:27 - 2017-04-16 12:18 - 00803192 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-10 22:27 - 2017-04-16 11:07 - 01566032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-05-10 22:27 - 2017-04-16 11:07 - 01213792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-10 22:27 - 2017-04-16 11:07 - 00548032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2017-05-10 22:27 - 2017-04-16 11:05 - 00612096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-10 22:27 - 2017-04-16 10:54 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-10 22:27 - 2017-04-16 10:54 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-05-10 22:27 - 2017-04-16 10:51 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-10 22:27 - 2017-04-16 10:37 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-05-10 22:27 - 2017-04-16 10:36 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-05-10 22:27 - 2017-04-16 10:35 - 25741312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-10 22:27 - 2017-04-16 10:18 - 05977600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-10 22:27 - 2017-04-16 10:16 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-10 22:27 - 2017-04-16 10:10 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-10 22:27 - 2017-04-16 10:03 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-10 22:27 - 2017-04-16 10:02 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-05-10 22:27 - 2017-04-16 10:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-10 22:27 - 2017-04-16 10:00 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-10 22:27 - 2017-04-16 10:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-05-10 22:27 - 2017-04-16 09:53 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-10 22:27 - 2017-04-16 09:52 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-05-10 22:27 - 2017-04-16 09:49 - 20278272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-10 22:27 - 2017-04-16 09:47 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-05-10 22:27 - 2017-04-16 09:43 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-10 22:27 - 2017-04-16 09:40 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-10 22:27 - 2017-04-16 09:40 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-10 22:27 - 2017-04-16 09:40 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-10 22:27 - 2017-04-16 09:37 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-10 22:27 - 2017-04-16 09:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-10 22:27 - 2017-04-16 09:24 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-10 22:27 - 2017-04-16 09:23 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-05-10 22:27 - 2017-04-16 09:22 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-10 22:27 - 2017-04-16 09:22 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-10 22:27 - 2017-04-16 09:17 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-05-10 22:27 - 2017-04-16 09:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-10 22:27 - 2017-04-16 09:10 - 15250944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-10 22:27 - 2017-04-16 09:10 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-10 22:27 - 2017-04-16 09:10 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-10 22:27 - 2017-04-16 09:08 - 04548608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-10 22:27 - 2017-04-16 09:08 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-10 22:27 - 2017-04-16 09:04 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-10 22:27 - 2017-04-16 09:02 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2017-05-10 22:27 - 2017-04-16 08:53 - 13661184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-10 22:27 - 2017-04-16 08:50 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-10 22:27 - 2017-04-16 08:40 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-10 22:27 - 2017-04-16 08:37 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-10 22:27 - 2017-04-16 08:34 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-10 22:27 - 2017-04-16 08:34 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-10 22:27 - 2017-04-10 00:00 - 01548640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-10 22:27 - 2017-04-10 00:00 - 00388448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-10 22:27 - 2017-04-08 01:20 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-05-10 22:27 - 2017-04-07 15:56 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-05-10 22:27 - 2017-04-02 18:41 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-10 22:27 - 2017-04-02 18:41 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-10 22:27 - 2017-04-01 01:16 - 01968408 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-10 22:27 - 2017-03-31 23:59 - 01612504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-10 22:27 - 2017-03-13 18:38 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\wmitomi.dll
2017-05-10 22:27 - 2017-03-13 18:29 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-05-10 22:27 - 2017-03-13 18:25 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-05-10 22:27 - 2017-03-13 18:13 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmitomi.dll
2017-05-10 22:27 - 2017-03-13 18:07 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-05-10 22:27 - 2017-03-13 18:06 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2017-05-10 22:27 - 2017-03-11 21:34 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-05-10 22:27 - 2017-03-11 21:32 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-05-10 22:27 - 2017-03-11 21:32 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-05-10 22:27 - 2017-03-11 20:49 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-05-10 22:27 - 2017-03-11 19:58 - 01437696 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-10 22:27 - 2017-03-11 19:54 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-05-10 22:27 - 2017-03-11 01:38 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-05-10 22:27 - 2017-03-11 01:38 - 00275800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-05-10 22:27 - 2017-03-09 22:52 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2017-05-10 22:27 - 2017-03-09 21:17 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2017-05-10 22:27 - 2017-03-08 04:44 - 00448285 _____ C:\Windows\system32\ApnDatabase.xml
2017-05-09 12:32 - 2017-05-09 12:32 - 00000000 ____D C:\Reaqapytegupy
2017-05-09 11:40 - 2017-05-17 17:08 - 00000000 _____ C:\Windows\SysWOW64\1111
2017-05-08 14:41 - 2017-05-08 14:41 - 00000000 ____D C:\Users\Public\Documents\chrome
2017-05-08 14:41 - 2017-05-08 14:41 - 00000000 ____D C:\ProgramData\Documents\chrome
2017-04-28 13:38 - 2017-05-09 11:40 - 00000000 ____D C:\Program Files (x86)\AlphaGo
2017-04-28 09:54 - 2017-04-28 09:54 - 00000000 ____D C:\Alitkojck
2017-04-27 11:51 - 2017-05-19 20:09 - 00000000 ____D C:\Windows\system32\log
2017-04-26 09:52 - 2017-04-28 12:54 - 00000000 ____D C:\Windows\psgo
2017-04-26 09:51 - 2017-05-16 12:37 - 00000000 ____D C:\Program Files\MK
2017-04-26 09:51 - 2017-05-05 12:32 - 00000000 ____D C:\Insist

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-21 15:08 - 2017-03-12 20:06 - 00000000 ____D C:\FRST
2017-05-21 15:06 - 2017-03-13 20:15 - 00000000 ___RD C:\Users\Aleš\OneDrive
2017-05-21 15:05 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-21 15:05 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-05-21 14:49 - 2017-03-12 17:35 - 00000000 ____D C:\AdwCleaner
2017-05-21 13:33 - 2017-03-11 17:39 - 00000000 ____D C:\Users\Aleš\AppData\Roaming\vlc
2017-05-21 13:00 - 2017-03-11 17:38 - 00304640 ___SH C:\Users\Aleš\Downloads\Thumbs.db
2017-05-21 11:07 - 2017-03-09 19:09 - 00003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5499A130-B7E3-438B-A8F5-C1FB58732A1A}
2017-05-20 21:36 - 2017-03-09 21:07 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-05-19 21:26 - 2017-03-09 19:10 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2665212609-1086795943-2148864915-1001
2017-05-19 20:10 - 2017-03-09 19:32 - 00000000 ____D C:\Program Files (x86)\Rebergeclarodom
2017-05-19 20:09 - 2017-04-07 10:33 - 00000000 ____D C:\Users\Aleš\AppData\Local\AMD
2017-05-19 20:09 - 2017-04-07 10:33 - 00000000 ____D C:\Update
2017-05-19 20:09 - 2017-03-14 20:56 - 00001322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-19 20:09 - 2017-03-14 20:56 - 00001310 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-19 20:09 - 2017-03-14 20:56 - 00001310 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2017-05-19 20:09 - 2017-03-09 19:04 - 00000979 _____ C:\Users\Aleš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-05-19 20:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\LiveKernelReports
2017-05-19 18:36 - 2017-03-09 19:35 - 00003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1489080924
2017-05-19 18:36 - 2017-03-09 19:35 - 00001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-05-19 18:36 - 2017-03-09 19:35 - 00000000 ____D C:\Program Files\Opera
2017-05-19 17:32 - 2017-04-10 18:00 - 00002016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-05-18 22:33 - 2013-09-30 06:20 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-18 22:33 - 2013-09-30 05:57 - 00739924 _____ C:\Windows\system32\perfh005.dat
2017-05-18 22:33 - 2013-09-30 05:57 - 00151610 _____ C:\Windows\system32\perfc005.dat
2017-05-18 22:33 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-05-18 20:54 - 2017-03-11 19:07 - 00000000 ____D C:\Users\Aleš\Desktop\Filmy a seriály
2017-05-16 12:38 - 2017-04-10 18:00 - 00000000 ____D C:\Users\Aleš\AppData\LocalLow\Mozilla
2017-05-14 09:49 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2017-05-13 21:44 - 2017-03-09 21:08 - 00001028 _____ C:\Users\Public\Desktop\AVG.lnk
2017-05-13 21:44 - 2017-03-09 21:08 - 00001028 _____ C:\ProgramData\Desktop\AVG.lnk
2017-05-13 21:44 - 2017-03-09 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-05-13 21:24 - 2017-03-09 21:10 - 00160008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgstm.sys
2017-05-13 21:24 - 2017-03-09 21:10 - 00003920 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2017-05-13 21:23 - 2017-03-09 21:10 - 00570320 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2017-05-13 21:23 - 2017-03-09 21:10 - 00340824 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2017-05-13 21:23 - 2017-03-09 21:10 - 00159496 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgstm.sys.149470344956201
2017-05-13 21:23 - 2017-03-09 21:10 - 00129776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2017-05-13 21:23 - 2017-03-09 21:10 - 00102280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2017-05-13 21:23 - 2017-03-09 21:10 - 00076832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2017-05-13 21:23 - 2017-03-09 21:10 - 00039424 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2017-05-13 21:22 - 2017-03-09 21:10 - 01008288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2017-05-13 21:22 - 2017-03-09 21:10 - 00336896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2017-05-13 21:22 - 2017-03-09 21:10 - 00314128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2017-05-13 21:22 - 2017-03-09 21:10 - 00192584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2017-05-13 21:22 - 2017-03-09 21:10 - 00166624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiska.sys
2017-05-13 21:22 - 2017-03-09 21:10 - 00051336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2017-05-13 21:17 - 2013-08-22 16:44 - 00482008 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-13 21:10 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-11 23:00 - 2017-03-21 22:37 - 00000000 ____D C:\Users\Aleš\Desktop\Hudba
2017-05-11 20:25 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2017-05-11 20:24 - 2017-04-12 21:52 - 00000000 _____ C:\Windows\SysWOW64\1
2017-05-11 20:24 - 2017-03-12 10:52 - 00000000 ____D C:\Windows\system32\MRT
2017-05-11 20:24 - 2017-03-12 10:51 - 156335152 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-10 00:11 - 2017-03-09 22:08 - 00000000 ____D C:\Users\Aleš\Desktop\ICQ
2017-05-09 19:58 - 2017-03-09 22:08 - 00000000 ____D C:\Users\Aleš\Desktop\Moje psaní
2017-05-05 23:10 - 2017-03-09 21:02 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-04-29 00:44 - 2017-04-15 11:23 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-29 00:44 - 2017-04-15 11:23 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 10:02 - 2017-03-14 20:56 - 00003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 10:02 - 2017-03-14 20:56 - 00003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2017-05-19 19:52 - 2017-05-19 19:53 - 0029696 _____ () C:\Users\Aleš\AppData\Local\MSGBOX.EXE

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-12 17:09

==================== End of FRST.txt ============================

#2 Příspěvek od **Rudy** » 21 kvě 2017 14:15

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

WinslowBLewitt · #3 Příspěvek od **WinslowBLewitt** » 21 kvě 2017 14:35

Zde je log z AwdCleaner

# AdwCleaner v6.047 - Log vytvořen 21/05/2017 v 15:33:28
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-05-19.1 [Místní]
# Operační systém : Windows 8.1 Pro (X64)
# Uživatelské jméno : Aleš - ALIMER
# Spuštěno z : C:\Users\Aleš\Desktop\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support

***** [ Služby ] *****

***** [ Složky ] *****

***** [ Soubory ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úlohy ] *****

***** [ Registry ] *****

***** [ Prohlížeče ] *****

[-] [C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: ourluckysites
[-] [C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: mystarting123
[-] [C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Smazáno: hxxp://www.youndoo.com/?z=48116b1fd08e2f7cf2aa ... ET&type=hp

*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1829 Bajty] - [12/03/2017 17:39:06]
C:\AdwCleaner\AdwCleaner[C2].txt - [1401 Bajty] - [12/03/2017 21:18:08]
C:\AdwCleaner\AdwCleaner[C3].txt - [12078 Bajty] - [19/05/2017 20:09:51]
C:\AdwCleaner\AdwCleaner[C4].txt - [2356 Bajty] - [21/05/2017 14:49:55]
C:\AdwCleaner\AdwCleaner[C5].txt - [1546 Bajty] - [21/05/2017 15:33:28]
C:\AdwCleaner\AdwCleaner[S0].txt - [1887 Bajty] - [12/03/2017 17:37:49]
C:\AdwCleaner\AdwCleaner[S1].txt - [1675 Bajty] - [12/03/2017 21:16:18]
C:\AdwCleaner\AdwCleaner[S2].txt - [14939 Bajty] - [19/05/2017 20:02:14]
C:\AdwCleaner\AdwCleaner[S3].txt - [14653 Bajty] - [19/05/2017 20:04:32]
C:\AdwCleaner\AdwCleaner[S4].txt - [2651 Bajty] - [21/05/2017 14:48:46]
C:\AdwCleaner\AdwCleaner[S5].txt - [2654 Bajty] - [21/05/2017 15:33:18]

########## EOF - C:\AdwCleaner\AdwCleaner[C5].txt - [2059 Bajty] ##########

#4 Příspěvek od **Rudy** » 21 kvě 2017 15:24

Dejte nový log FRST.

WinslowBLewitt · #5 Příspěvek od **WinslowBLewitt** » 21 kvě 2017 15:31

Zde je nový FRST log

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-05-2017
Ran by Aleš (administrator) on ALIMER (21-05-2017 16:29:43)
Running from C:\Users\Aleš\Desktop
Loaded Profiles: Aleš (Available Profiles: Aleš)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
() C:\Users\Aleš\AppData\Roaming\ICQ\bin\icq.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-04-27] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [263232 2017-05-13] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2665212609-1086795943-2148864915-1001\...\Run: [icq.desktop] => C:\Users\Aleš\AppData\Roaming\ICQ\bin\icq.exe [26353288 2017-03-09] ()
HKU\S-1-5-21-2665212609-1086795943-2148864915-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-2665212609-1086795943-2148864915-1001\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 81.19.33.2
Tcpip\..\Interfaces\{EC25461E-1A64-4BC6-A019-98C590F12F9D}: [DhcpNameServer] 81.19.33.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2665212609-1086795943-2148864915-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.youndoo.com/?z=48116b1fd08e2f7cf2aa ... ET&type=hp"
CHR Profile: C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default [2017-05-21]
CHR Extension: (Dokumenty Google) - C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-15]
CHR Extension: (Disk Google) - C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-15]
CHR Extension: (YouTube) - C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-14]
CHR Extension: (Gmail) - C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-15]
CHR Extension: (Chrome Media Router) - C:\Users\Aleš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-20]

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [264432 2017-05-13] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7396872 2017-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-04-27] (AVG Technologies CZ, s.r.o.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgbdisk; C:\Windows\system32\drivers\avgbdiska.sys [166624 2017-05-13] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [314128 2017-05-13] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [192584 2017-05-13] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\system32\drivers\avgbloga.sys [336896 2017-05-13] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [51336 2017-05-13] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\system32\drivers\avgHwid.sys [39424 2017-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [129776 2017-05-13] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [102280 2017-05-13] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [76832 2017-05-13] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\system32\drivers\avgSnx.sys [1008288 2017-05-13] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\system32\drivers\avgSP.sys [570320 2017-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\system32\drivers\avgStm.sys [160008 2017-05-13] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\system32\drivers\avgVmm.sys [340824 2017-05-13] (AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-03-09] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-03-09] (Disc Soft Ltd)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-21 15:00 - 2017-05-21 16:30 - 00010052 _____ C:\Users\Aleš\Desktop\FRST.txt
2017-05-21 14:58 - 2017-05-21 14:58 - 02429952 _____ (Farbar) C:\Users\Aleš\Desktop\FRST64.exe
2017-05-21 11:17 - 2017-05-21 11:34 - 299707998 _____ C:\Users\Aleš\Downloads\American-Horror-Story-S06E04-české-titulky-novinka.avi
2017-05-19 20:17 - 2017-05-19 20:17 - 00000000 ____D C:\Users\Aleš\AppData\Roaming\Google
2017-05-19 19:52 - 2017-05-19 19:53 - 00029696 _____ C:\Users\Aleš\AppData\Local\MSGBOX.EXE
2017-05-18 17:01 - 2017-05-18 17:01 - 00000000 ____D C:\Reimward
2017-05-16 12:33 - 2017-05-19 20:15 - 00000000 ____D C:\Terward
2017-05-13 21:23 - 2017-05-13 21:23 - 00401584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2017-05-12 16:52 - 2017-05-12 16:52 - 00000000 ____D C:\Program Files (x86)\Default Company Name
2017-05-11 20:15 - 2017-03-30 15:15 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2017-05-11 20:15 - 2017-03-30 15:15 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2017-05-11 20:15 - 2017-03-30 15:15 - 00678592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2017-05-11 20:15 - 2017-03-30 15:15 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2017-05-11 16:30 - 2017-05-11 16:30 - 00000000 _____ C:\Windows\SysWOW64\3333333
2017-05-11 16:30 - 2017-05-11 16:30 - 00000000 _____ C:\Windows\SysWOW64\1111111
2017-05-11 16:29 - 2017-05-11 16:29 - 00000000 _____ C:\Windows\SysWOW64\22
2017-05-11 16:29 - 2017-05-11 16:29 - 00000000 _____ C:\Windows\SysWOW64\11
2017-05-11 16:29 - 2017-05-11 16:29 - 00000000 _____ C:\Windows\SysWOW64\00
2017-05-10 22:28 - 2017-04-16 12:23 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2017-05-10 22:27 - 2017-04-28 23:15 - 07444824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-10 22:27 - 2017-04-26 16:06 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-05-10 22:27 - 2017-04-16 12:23 - 02176584 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-05-10 22:27 - 2017-04-16 12:23 - 01662096 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-10 22:27 - 2017-04-16 12:18 - 01135288 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-10 22:27 - 2017-04-16 12:18 - 00803192 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-10 22:27 - 2017-04-16 11:07 - 01566032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-05-10 22:27 - 2017-04-16 11:07 - 01213792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-10 22:27 - 2017-04-16 11:07 - 00548032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2017-05-10 22:27 - 2017-04-16 11:05 - 00612096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-10 22:27 - 2017-04-16 10:54 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-10 22:27 - 2017-04-16 10:54 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-05-10 22:27 - 2017-04-16 10:51 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-10 22:27 - 2017-04-16 10:37 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-05-10 22:27 - 2017-04-16 10:36 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-05-10 22:27 - 2017-04-16 10:35 - 25741312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-10 22:27 - 2017-04-16 10:18 - 05977600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-10 22:27 - 2017-04-16 10:16 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-10 22:27 - 2017-04-16 10:10 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-10 22:27 - 2017-04-16 10:03 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-10 22:27 - 2017-04-16 10:02 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-05-10 22:27 - 2017-04-16 10:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-10 22:27 - 2017-04-16 10:00 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-10 22:27 - 2017-04-16 10:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-05-10 22:27 - 2017-04-16 09:53 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-10 22:27 - 2017-04-16 09:52 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-05-10 22:27 - 2017-04-16 09:49 - 20278272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-10 22:27 - 2017-04-16 09:47 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-05-10 22:27 - 2017-04-16 09:43 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-10 22:27 - 2017-04-16 09:40 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-10 22:27 - 2017-04-16 09:40 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-10 22:27 - 2017-04-16 09:40 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-10 22:27 - 2017-04-16 09:37 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-10 22:27 - 2017-04-16 09:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-10 22:27 - 2017-04-16 09:24 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-10 22:27 - 2017-04-16 09:23 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-05-10 22:27 - 2017-04-16 09:22 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-10 22:27 - 2017-04-16 09:22 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-10 22:27 - 2017-04-16 09:17 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-05-10 22:27 - 2017-04-16 09:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-10 22:27 - 2017-04-16 09:10 - 15250944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-10 22:27 - 2017-04-16 09:10 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-10 22:27 - 2017-04-16 09:10 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-10 22:27 - 2017-04-16 09:08 - 04548608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-10 22:27 - 2017-04-16 09:08 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-10 22:27 - 2017-04-16 09:04 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-10 22:27 - 2017-04-16 09:02 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2017-05-10 22:27 - 2017-04-16 08:53 - 13661184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-10 22:27 - 2017-04-16 08:50 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-10 22:27 - 2017-04-16 08:40 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-10 22:27 - 2017-04-16 08:37 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-10 22:27 - 2017-04-16 08:34 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-10 22:27 - 2017-04-16 08:34 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-10 22:27 - 2017-04-10 00:00 - 01548640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-10 22:27 - 2017-04-10 00:00 - 00388448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-10 22:27 - 2017-04-08 01:20 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-05-10 22:27 - 2017-04-07 15:56 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-05-10 22:27 - 2017-04-02 18:41 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-10 22:27 - 2017-04-02 18:41 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-10 22:27 - 2017-04-01 01:16 - 01968408 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-10 22:27 - 2017-03-31 23:59 - 01612504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-10 22:27 - 2017-03-13 18:38 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\wmitomi.dll
2017-05-10 22:27 - 2017-03-13 18:29 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-05-10 22:27 - 2017-03-13 18:25 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-05-10 22:27 - 2017-03-13 18:13 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmitomi.dll
2017-05-10 22:27 - 2017-03-13 18:07 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-05-10 22:27 - 2017-03-13 18:06 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2017-05-10 22:27 - 2017-03-11 21:34 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-05-10 22:27 - 2017-03-11 21:32 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-05-10 22:27 - 2017-03-11 21:32 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-05-10 22:27 - 2017-03-11 20:49 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-05-10 22:27 - 2017-03-11 19:58 - 01437696 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-10 22:27 - 2017-03-11 19:54 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-05-10 22:27 - 2017-03-11 01:38 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-05-10 22:27 - 2017-03-11 01:38 - 00275800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-05-10 22:27 - 2017-03-09 22:52 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2017-05-10 22:27 - 2017-03-09 21:17 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2017-05-10 22:27 - 2017-03-08 04:44 - 00448285 _____ C:\Windows\system32\ApnDatabase.xml
2017-05-09 12:32 - 2017-05-09 12:32 - 00000000 ____D C:\Reaqapytegupy
2017-05-09 11:40 - 2017-05-17 17:08 - 00000000 _____ C:\Windows\SysWOW64\1111
2017-05-08 14:41 - 2017-05-08 14:41 - 00000000 ____D C:\Users\Public\Documents\chrome
2017-05-08 14:41 - 2017-05-08 14:41 - 00000000 ____D C:\ProgramData\Documents\chrome
2017-04-28 13:38 - 2017-05-09 11:40 - 00000000 ____D C:\Program Files (x86)\AlphaGo
2017-04-28 09:54 - 2017-04-28 09:54 - 00000000 ____D C:\Alitkojck
2017-04-27 11:51 - 2017-05-19 20:09 - 00000000 ____D C:\Windows\system32\log
2017-04-26 09:52 - 2017-04-28 12:54 - 00000000 ____D C:\Windows\psgo
2017-04-26 09:51 - 2017-05-16 12:37 - 00000000 ____D C:\Program Files\MK
2017-04-26 09:51 - 2017-05-05 12:32 - 00000000 ____D C:\Insist

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-21 16:29 - 2017-03-12 20:06 - 00000000 ____D C:\FRST
2017-05-21 15:34 - 2017-03-13 20:15 - 00000000 ___RD C:\Users\Aleš\OneDrive
2017-05-21 15:34 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-21 15:33 - 2017-03-12 17:35 - 00000000 ____D C:\AdwCleaner
2017-05-21 15:31 - 2017-03-11 17:38 - 00304640 ___SH C:\Users\Aleš\Downloads\Thumbs.db
2017-05-21 15:05 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-05-21 13:33 - 2017-03-11 17:39 - 00000000 ____D C:\Users\Aleš\AppData\Roaming\vlc
2017-05-21 11:07 - 2017-03-09 19:09 - 00003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5499A130-B7E3-438B-A8F5-C1FB58732A1A}
2017-05-20 21:36 - 2017-03-09 21:07 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-05-19 21:26 - 2017-03-09 19:10 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2665212609-1086795943-2148864915-1001
2017-05-19 20:10 - 2017-03-09 19:32 - 00000000 ____D C:\Program Files (x86)\Rebergeclarodom
2017-05-19 20:09 - 2017-04-07 10:33 - 00000000 ____D C:\Users\Aleš\AppData\Local\AMD
2017-05-19 20:09 - 2017-04-07 10:33 - 00000000 ____D C:\Update
2017-05-19 20:09 - 2017-03-14 20:56 - 00001322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-19 20:09 - 2017-03-14 20:56 - 00001310 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-19 20:09 - 2017-03-14 20:56 - 00001310 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2017-05-19 20:09 - 2017-03-09 19:04 - 00000979 _____ C:\Users\Aleš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-05-19 20:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\LiveKernelReports
2017-05-19 18:36 - 2017-03-09 19:35 - 00003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1489080924
2017-05-19 18:36 - 2017-03-09 19:35 - 00001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-05-19 18:36 - 2017-03-09 19:35 - 00000000 ____D C:\Program Files\Opera
2017-05-19 17:32 - 2017-04-10 18:00 - 00002016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-05-18 22:33 - 2013-09-30 06:20 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-18 22:33 - 2013-09-30 05:57 - 00739924 _____ C:\Windows\system32\perfh005.dat
2017-05-18 22:33 - 2013-09-30 05:57 - 00151610 _____ C:\Windows\system32\perfc005.dat
2017-05-18 22:33 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-05-18 20:54 - 2017-03-11 19:07 - 00000000 ____D C:\Users\Aleš\Desktop\Filmy a seriály
2017-05-16 12:38 - 2017-04-10 18:00 - 00000000 ____D C:\Users\Aleš\AppData\LocalLow\Mozilla
2017-05-14 09:49 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2017-05-13 21:44 - 2017-03-09 21:08 - 00001028 _____ C:\Users\Public\Desktop\AVG.lnk
2017-05-13 21:44 - 2017-03-09 21:08 - 00001028 _____ C:\ProgramData\Desktop\AVG.lnk
2017-05-13 21:44 - 2017-03-09 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-05-13 21:24 - 2017-03-09 21:10 - 00160008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgstm.sys
2017-05-13 21:24 - 2017-03-09 21:10 - 00003920 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2017-05-13 21:23 - 2017-03-09 21:10 - 00570320 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2017-05-13 21:23 - 2017-03-09 21:10 - 00340824 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2017-05-13 21:23 - 2017-03-09 21:10 - 00159496 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgstm.sys.149470344956201
2017-05-13 21:23 - 2017-03-09 21:10 - 00129776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2017-05-13 21:23 - 2017-03-09 21:10 - 00102280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2017-05-13 21:23 - 2017-03-09 21:10 - 00076832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2017-05-13 21:23 - 2017-03-09 21:10 - 00039424 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2017-05-13 21:22 - 2017-03-09 21:10 - 01008288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2017-05-13 21:22 - 2017-03-09 21:10 - 00336896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2017-05-13 21:22 - 2017-03-09 21:10 - 00314128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2017-05-13 21:22 - 2017-03-09 21:10 - 00192584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2017-05-13 21:22 - 2017-03-09 21:10 - 00166624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiska.sys
2017-05-13 21:22 - 2017-03-09 21:10 - 00051336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2017-05-13 21:17 - 2013-08-22 16:44 - 00482008 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-13 21:10 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-11 23:00 - 2017-03-21 22:37 - 00000000 ____D C:\Users\Aleš\Desktop\Hudba
2017-05-11 20:25 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2017-05-11 20:24 - 2017-04-12 21:52 - 00000000 _____ C:\Windows\SysWOW64\1
2017-05-11 20:24 - 2017-03-12 10:52 - 00000000 ____D C:\Windows\system32\MRT
2017-05-11 20:24 - 2017-03-12 10:51 - 156335152 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-10 00:11 - 2017-03-09 22:08 - 00000000 ____D C:\Users\Aleš\Desktop\ICQ
2017-05-09 19:58 - 2017-03-09 22:08 - 00000000 ____D C:\Users\Aleš\Desktop\Moje psaní
2017-05-05 23:10 - 2017-03-09 21:02 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-04-29 00:44 - 2017-04-15 11:23 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-29 00:44 - 2017-04-15 11:23 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 10:02 - 2017-03-14 20:56 - 00003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 10:02 - 2017-03-14 20:56 - 00003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2017-05-19 19:52 - 2017-05-19 19:53 - 0029696 _____ () C:\Users\Aleš\AppData\Local\MSGBOX.EXE

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-12 17:09

==================== End of FRST.txt ============================

#6 Příspěvek od **Rudy** » 21 kvě 2017 16:54

Otevřte poznámkový blok a zkopírujte do něj:

Start
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2665212609-1086795943-2148864915-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
CHR StartupUrls: Default -> "hxxp://www.youndoo.com/?z=48116b1fd08e2f7cf2aa ... ET&type=hp"
C:\Windows\SysWOW64\3333333
C:\Windows\SysWOW64\1111111
C:\Windows\SysWOW64\22
C:\Windows\SysWOW64\11
C:\Windows\SysWOW64\00
C:\Reaqapytegupy
C:\Windows\SysWOW64\1111
C:\Alitkojck
C:\Insist
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

WinslowBLewitt · #7 Příspěvek od **WinslowBLewitt** » 22 kvě 2017 18:22

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-05-2017
Ran by Aleš (22-05-2017 19:19:01) Run:9
Running from C:\Users\Aleš\Desktop
Loaded Profiles: Aleš (Available Profiles: Aleš)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2665212609-1086795943-2148864915-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
CHR StartupUrls: Default -> "hxxp://www.youndoo.com/?z=48116b1fd08e2f7cf2aa ... ET&type=hp"
C:\Windows\SysWOW64\3333333
C:\Windows\SysWOW64\1111111
C:\Windows\SysWOW64\22
C:\Windows\SysWOW64\11
C:\Windows\SysWOW64\00
C:\Reaqapytegupy
C:\Windows\SysWOW64\1111
C:\Alitkojck
C:\Insist
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\GoogleUpdate.exe => key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\GoogleUpdaterService.exe => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => key not found.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-2665212609-1086795943-2148864915-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
Chrome StartupUrls => removed successfully
"C:\Windows\SysWOW64\3333333" => not found.
"C:\Windows\SysWOW64\1111111" => not found.
"C:\Windows\SysWOW64\22" => not found.
"C:\Windows\SysWOW64\11" => not found.
"C:\Windows\SysWOW64\00" => not found.
"C:\Reaqapytegupy" => not found.
"C:\Windows\SysWOW64\1111" => not found.
"C:\Alitkojck" => not found.
"C:\Insist" => not found.
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found.
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7452084 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1734023 B
Edge => 0 B
Chrome => 22189122 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 816 B
NetworkService => 0 B
Aleš => 19904 B

RecycleBin => 0 B
EmptyTemp: => 37.9 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 19:19:04 ====

#8 Příspěvek od **Rudy** » 22 kvě 2017 19:01

OK. Nastala nějaká změna?

WinslowBLewitt · #9 Příspěvek od **WinslowBLewitt** » 26 kvě 2017 10:41

Ne, nenastala. Spustil jsem chrome a vše se zdálo v pořádku, ale při druhém spuštění chrome se tam youndoo zase objevilo.

#10 Příspěvek od **Rudy** » 26 kvě 2017 16:22

Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

WinslowBLewitt

LOG ze ZOEK

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Aleç on st 31. 05. 2017 at 12:16:17,91.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\ALE~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2017-03-13-202919.log 4497 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\ALE~1\AppData\Roaming\Firefox\Firefox\Profiles\9ivzzp9v.default\prefs.js:

Added to C:\Users\ALE~1\AppData\Roaming\Firefox\Firefox\Profiles\9ivzzp9v.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\ALE~1\AppData\Roaming\Firefox\Firefox\Profiles\9ivzzp9v.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201731.05._1250_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command]
@="C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe"

==== Deleting Files \ Folders ======================

"C:\Windows\Installer\7b9f4cb0.msi" not found
C:\PROGRA~2\AlphaGo deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\ALE~1\AppData\Roaming\Firefox\Firefox\Profiles\9ivzzp9v.default\searchplugins\startsearch.xml deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\ALE~1\AppData\Roaming\Firefox\Firefox\Profiles\9ivzzp9v.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\ALE~1\AppData\Roaming\Firefox\Firefox\Profiles\9ivzzp9v.default
- Czech CZ Language Pack - %ProfilePath%\extensions\langpack-cs@firefox.mozilla.org.xpi

==== Firefox Plugins ======================

==== Chromium Look ======================

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.ourluckysites.com/?type=hp&t ... X52Q2C31ET"
"Search Page"="http://www.ourluckysites.com/search/?ty ... earchTerms}"
"Default_Page_URL"="http://www.ourluckysites.com/?type=hp&t ... X52Q2C31ET"
"Default_Search_URL"="http://www.ourluckysites.com/search/?ty ... earchTerms}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.ourluckysites.com/search/?ty ... earchTerms}"
"Default_Page_URL"="http://www.ourluckysites.com/?type=hp&t ... X52Q2C31ET"
"Start Page"="http://www.ourluckysites.com/?type=hp&t ... X52Q2C31ET"
"Search Page"="http://www.ourluckysites.com/search/?ty ... earchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.ourluckysites.com/search/?ty ... earchTerms}"
"Default_Page_URL"="http://www.ourluckysites.com/?type=hp&t ... X52Q2C31ET"
"Start Page"="http://www.ourluckysites.com/?type=hp&t ... X52Q2C31ET"
"Search Page"="http://www.ourluckysites.com/search/?ty ... earchTerms}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.ourluckysites.com/?type=hp&t ... X52Q2C31ET"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5507BC7BEAFE2DC429A851BDF5F47F7C deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdaterService.exe deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{118B6258-BF13-47C9-8D46-B2A349196B5D} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2C652C0A-EC71-4797-8077-F67649177AB0} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{97D2FBF4-72CF-4DD6-8DA8-26710BC7BE71} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B7CB7055-EFAE-4CD2-928A-15DB5F4FF7C7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5507BC7BEAFE2DC429A851BDF5F47F7C deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\4FBF2D79FC276DD4D88A6217B07CEB17 deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\8526B81131FB9C74D8642B3A9491B6D5 deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\A0C256C217CE797408776F679471A70B deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=7 folders=6 2056236 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ALE~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on st 31. 05. 2017 at 15:48:48,41 ======================

#12 Příspěvek od **Rudy** » 31 kvě 2017 17:00

A Junkware?

WinslowBLewitt

Z toho nemůžu nic najít

#14 Příspěvek od **Rudy** » 31 kvě 2017 19:36

Změnilo se něco k lepšímu?

WinslowBLewitt

Vše se zdá být ok...

VIRY.CZ

Youndoo v google chrome

Youndoo v google chrome

Re: Youndoo v google chrome

Re: Youndoo v google chrome

Re: Youndoo v google chrome

Re: Youndoo v google chrome

Re: Youndoo v google chrome

Re: Youndoo v google chrome

Re: Youndoo v google chrome

Re: Youndoo v google chrome

Re: Youndoo v google chrome

Re: Youndoo v google chrome

Re: Youndoo v google chrome

Re: Youndoo v google chrome

Re: Youndoo v google chrome

Re: Youndoo v google chrome