Prosím o kontrolu logu

Zpráva

Mataa90 · #1 Příspěvek od **Mataa90** » 28 lis 2017 17:39

Zdravím, prosím o kontrolu logu - zpomalený pc a při otevírání internetových stránek mi to ukazuje nezabezpečené připojení. Zkopírovala jsem přesný popis, co mi to ukazuje -

Majitel serveru http://www.google.cz nakonfiguroval své webové stránky nesprávně. Abychom chránili vaše informace před odcizením, Firefox se k této webové stránce nepřipojil.
Tento server používá HTTP Strict Transport Security (HSTS), čímž určuje, že se má Firefox připojovat pouze zabezpečeně. Z tohoto důvodu není možné přidat pro tento certifikát výjimku.

Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-12-2015
Ran by Martina (administrator) on IDEA-PC (28-11-2017 17:08:56)
Running from C:\Users\Martina\Desktop\Složky\Programy\na viry\FRST-OlderVersion
Loaded Profiles: Martina (Available Profiles: Martina)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\updates\7.10.0_43917\bittorrentie.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\updates\7.10.0_43917\bittorrentie.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-15] (Conexant Systems, Inc.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-09-30] ()
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2013-02-08] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2013-02-08] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Philips Device Listener] => C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-02-15] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-11-13] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [BitTorrent] => C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe [2150088 2017-07-02] (BitTorrent Inc.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1443460809-2058308057-2046692019-1001] => 127.0.0.1:8013
Tcpip\Parameters: [DhcpNameServer] 10.0.10.1 192.168.10.1
Tcpip\..\Interfaces\{D58DC935-FA05-437B-BA74-886A24E255C4}: [DhcpNameServer] 10.0.10.1 192.168.10.1

Internet Explorer:
==================
URLSearchHook: [S-1-5-21-1443460809-2058308057-2046692019-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {24AB7B16-6C04-4E62-BADB-A3AF9C7BA5B2} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {28DBDC09-CD74-4291-80D1-789ACD6F9883} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {4E0C853B-1E34-451A-B946-3B8D7C8BCE5D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&r ... {startPage}
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {6BC336E0-0860-4AFD-B849-E13CABFBD077} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {764482F2-C192-4032-B5B2-7848E6928461} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {8C35819E-0D88-4E0F-8946-73D1764A9500} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {A82AFC07-BDDB-4D91-91BD-B3D6AB1E5B87} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {CFDE9E19-18B2-4AC6-9F1E-14BD87C69D29} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-12-23] (IObit)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-26] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-26] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\lisxg3qz.default-1478951034493
FF Homepage: hxxps://www.pesweb.cz/cz/naplnte-misky
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-06-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-06-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-08-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll [2013-03-12] ()
FF Extension: No Name - C:\Users\Martina\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2017-11-10]
FF Extension: No Name - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\lisxg3qz.default-1478951034493\Extensions\s3google@translator.xpi [2017-11-15] [not signed]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2017-11-16] [not signed]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.pesweb.cz/cz/naplnte-misky"
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Dokumenty) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Disk Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-21]
CHR Extension: (IBM Security Rapport) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2017-11-27]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-21]
CHR Extension: (Tabulky) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (Gmail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-21]
CHR Extension: (Chrome Media Router) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-20]
CHR HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-30] (Qualcomm Atheros Commnucations) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-12] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-12] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-11-13] (Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2520928 2016-03-03] (ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1738808 2015-09-29] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6951992 2015-09-29] (GOG.com)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-05-27] (IObit)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2142728 2016-11-07] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2209296 2016-11-07] (Electronic Arts)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2346992 2017-07-24] (IBM Corp.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-30] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2016-05-16] ()
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-30] (Qualcomm Atheros)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-24] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-04-14] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2016-04-14] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2016-04-14] (ESET)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2011-07-15] (GEAR Software Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2016-05-16] ()
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [382720 2017-07-24] (IBM Corp.)
R4 RapportCerberus_1804063; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804063.sys [1271264 2017-07-13] (IBM Corp.)
R1 RapportCerberus_1804068; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804068.sys [1269696 2017-09-07] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [583840 2017-07-24] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [252320 2017-07-24] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [506368 2017-07-24] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [609024 2017-07-24] (IBM Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [36288 2013-07-02] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [247216 2013-07-01] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-27 17:56 - 2017-11-27 17:57 - 11605074 _____ C:\Users\Martina\Downloads\skříňka koupelna (v.7).skp
2017-11-27 15:46 - 2017-11-27 20:34 - 3901839442 _____ C:\Users\Martina\Downloads\Dances with Wolves (Tanec s vlky) 1990 BRrip Director's cut orig zneni 1280x536.mkv
2017-11-22 23:15 - 2017-11-23 00:26 - 937783038 _____ C:\Users\Martina\Downloads\Copo-eleco.mp4
2017-11-16 23:29 - 2017-11-17 00:14 - 828540167 _____ C:\Users\Martina\Downloads\Die Geschwister.mp4
2017-11-15 20:53 - 2017-11-15 21:25 - 00000000 ____D C:\Users\Martina\Downloads\War For The Planet Of The Apes (2017) [YTS.AG]
2017-11-15 20:49 - 2017-11-15 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-11-14 18:11 - 2017-11-14 19:01 - 897599508 _____ C:\Users\Martina\Downloads\Loggerheads.avi
2017-11-14 15:18 - 2017-11-14 17:10 - 2009763008 _____ C:\Users\Martina\Downloads\Rosie.avi
2017-11-14 14:18 - 2017-11-14 14:59 - 734078976 _____ C:\Users\Martina\Downloads\Dog Tags.avi
2017-11-14 13:37 - 2017-11-14 14:18 - 733100032 _____ C:\Users\Martina\Downloads\3-Day Weekend.avi
2017-11-14 01:40 - 2017-11-14 02:21 - 735942656 _____ C:\Users\Martina\Downloads\LolaUndBilidikid.avi
2017-11-14 00:17 - 2017-11-28 00:55 - 00000000 ____D C:\Users\Martina\Downloads\Subs
2017-11-13 22:35 - 2017-11-13 23:21 - 820457268 _____ C:\Users\Martina\Downloads\Radiant.Sea.(Lichtes. Meer).2015.SCREENER.x264.AC3.mp4
2017-11-13 21:09 - 2017-11-13 22:01 - 923152946 _____ C:\Users\Martina\Downloads\[yaoiotaku.com] Takumi-kun 3 - Bibou no Detail.avi
2017-11-13 11:26 - 2017-11-13 11:26 - 00051016 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2017-11-13 11:26 - 2017-11-13 11:26 - 00045672 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2017-11-13 11:26 - 2017-11-13 11:26 - 00045640 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2017-11-13 11:26 - 2017-11-13 11:26 - 00045640 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2017-11-13 04:50 - 2017-11-13 04:50 - 00076335 _____ C:\Users\Martina\Downloads\The.Falls.Covenant.of.Grace.2016.en.srt.srt
2017-11-13 02:31 - 2017-11-13 02:31 - 00088285 _____ C:\Users\Martina\Downloads\Testament-of-love-82.srt
2017-11-12 23:38 - 2017-11-12 23:42 - 733740122 _____ C:\Users\Martina\Downloads\[ Torrent9.tv ] A.Bras.Ouverts.2017.FRENCH.BDRip.XviD-GZR.avi
2017-11-09 12:37 - 2017-11-09 14:11 - 1392947410 _____ C:\Users\Martina\Downloads\Kruh-1-(The-Ring)-CZ.avi
2017-11-09 10:48 - 2017-11-09 11:44 - 919605248 _____ C:\Users\Martina\Downloads\Sinister-2012_CZ_Dabing_.avi
2017-11-05 16:12 - 2017-11-05 16:12 - 00027175 _____ C:\Users\Martina\Downloads\Suburra-la-serie-S01E10(0000293119).srt
2017-11-02 17:25 - 2017-11-02 17:25 - 00023807 _____ C:\Users\Martina\Downloads\Suburra-la-serie-S01E09(0000292947).srt
2017-11-02 17:19 - 2017-11-02 17:19 - 00027974 _____ C:\Users\Martina\Downloads\Suburra-la-serie-S01E08(0000292644).srt
2017-10-31 18:41 - 2017-11-28 11:29 - 00000000 ____D C:\Users\Martina\AppData\LocalLow\BitTorrent
2017-10-30 19:51 - 2017-10-30 19:51 - 00029805 _____ C:\Users\Martina\Downloads\Suburra-la-serie-S01E07(0000292603).srt
2017-10-30 19:49 - 2017-10-30 19:49 - 00028963 _____ C:\Users\Martina\Downloads\Suburra-la-serie-S01E06(0000292426).srt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-28 17:10 - 2013-11-26 20:58 - 00000000 ____D C:\Users\Martina\AppData\Roaming\BitTorrent
2017-11-28 17:08 - 2015-03-30 13:16 - 00000000 ____D C:\FRST
2017-11-28 16:59 - 2017-01-12 14:54 - 00000926 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-11-28 14:59 - 2017-01-12 14:54 - 00000922 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-11-28 12:51 - 2013-06-22 18:03 - 00016502 _____ C:\Users\Martina\Desktop\Nový textový dokument.txt
2017-11-28 11:33 - 2017-05-19 13:50 - 00005434 _____ C:\windows\system32\PerfStringBackup.INI
2017-11-28 11:33 - 2013-02-08 12:38 - 19831708 _____ C:\windows\system32\perfh005.dat
2017-11-28 11:33 - 2013-02-08 12:38 - 06410450 _____ C:\windows\system32\perfc005.dat
2017-11-28 11:30 - 2016-11-21 17:53 - 00000000 ____D C:\Users\Martina\AppData\LocalLow\Mozilla
2017-11-28 11:30 - 2013-07-07 18:50 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Skype
2017-11-28 11:29 - 2013-06-19 08:07 - 19977216 ___SH C:\Users\Martina\Desktop\Thumbs.db
2017-11-28 00:51 - 2013-06-19 21:29 - 00000000 ____D C:\Users\Martina\AppData\Local\CrashDumps
2017-11-27 16:17 - 2013-06-22 18:10 - 00003195 _____ C:\Users\Martina\Desktop\filmy.txt
2017-11-27 12:05 - 2015-08-09 15:24 - 00000000 ___RD C:\Users\Martina\Dropbox
2017-11-26 16:04 - 2016-07-09 13:43 - 00000000 ____D C:\ProgramData\ProductData
2017-11-23 19:36 - 2012-07-26 09:12 - 00000000 ___HD C:\Program Files\WindowsApps
2017-11-23 19:36 - 2012-07-26 09:12 - 00000000 ____D C:\windows\AUInstallAgent
2017-11-23 15:10 - 2013-08-10 16:04 - 00000000 ____D C:\Users\Martina\Desktop\Složky
2017-11-19 12:31 - 2016-05-13 19:59 - 00004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-19 12:29 - 2017-09-04 02:29 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-16 18:41 - 2017-04-29 18:10 - 00003384 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-16 18:41 - 2017-04-29 18:10 - 00003256 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-16 10:02 - 2015-12-30 19:45 - 00002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-16 10:02 - 2015-12-30 19:45 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-16 09:30 - 2013-07-07 18:49 - 00000000 ____D C:\ProgramData\Skype
2017-11-16 09:29 - 2017-08-14 18:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-11-16 09:29 - 2016-12-01 14:43 - 00001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-16 09:29 - 2013-06-18 10:46 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Mozilla
2017-11-16 09:28 - 2016-12-10 15:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-15 20:49 - 2017-01-12 14:53 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-11-15 09:35 - 2013-06-18 11:03 - 00004372 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-11-15 09:35 - 2012-07-26 09:12 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-11-15 09:35 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\Macromed
2017-11-14 16:55 - 2013-06-18 21:00 - 01412608 ___SH C:\Users\Martina\Downloads\Thumbs.db
2017-11-14 00:18 - 2013-06-18 20:54 - 00000000 ____D C:\Users\Martina\AppData\Roaming\vlc
2017-11-13 02:32 - 2015-04-20 13:23 - 00000000 ____D C:\KMPlayer
2017-11-02 17:09 - 2013-07-23 22:16 - 00000000 ____D C:\Users\Martina\Desktop\Filmy

==================== Files in the root of some directories =======

2004-06-01 16:21 - 2004-06-01 16:21 - 0289552 _____ (Microsoft Corporation) C:\Program Files (x86)\shlwapi.dll
2006-04-04 10:42 - 2006-04-04 10:42 - 0006537 _____ () C:\Program Files (x86)\XMLSchema1.xsd
2016-11-05 20:27 - 2016-11-05 20:27 - 0032038 _____ () C:\Users\Martina\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
2013-06-18 11:15 - 2013-06-18 11:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-04-18 18:31 - 2017-04-18 18:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-27 16:16

==================== End of FRST.txt ============================

#2 Příspěvek od **Rudy** » 28 lis 2017 19:28

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Mataa90 · #3 Příspěvek od **Mataa90** » 28 lis 2017 19:57

# AdwCleaner 7.0.4.0 - Logfile created on Tue Nov 28 18:48:04 2017
# Updated on 2017/27/10 by Malwarebytes
# Database: 11-27-2017.1
# Running on Windows 8 (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare, C:\Users\Martina\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Conduit, [Key] - HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Conduit
PUP.Optional.Conduit, [Key] - HKCU\Software\Conduit

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [1640 B] - [2016/4/19 13:32:22]
C:/AdwCleaner/AdwCleaner[C3].txt - [997 B] - [2015/12/14 13:40:55]
C:/AdwCleaner/AdwCleaner[C4].txt - [1694 B] - [2016/11/12 16:1:57]
C:/AdwCleaner/AdwCleaner[S1].txt - [1533 B] - [2016/4/19 13:26:38]
C:/AdwCleaner/AdwCleaner[S2].txt - [1778 B] - [2016/11/12 15:2:7]
C:/AdwCleaner/AdwCleaner[S3].txt - [2701 B] - [2015/12/14 13:14:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt ##########

#4 Příspěvek od **Rudy** » 28 lis 2017 20:48

V ADW ještě klikněte na mazání, restartujte a pak dejte nový log FRST.

Mataa90 · #5 Příspěvek od **Mataa90** » 29 lis 2017 20:42

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-12-2015
Ran by Martina (administrator) on IDEA-PC (29-11-2017 20:33:41)
Running from C:\Users\Martina\Desktop\Složky\Programy\na viry\FRST-OlderVersion
Loaded Profiles: Martina (Available Profiles: Martina)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\updates\7.10.0_43917\bittorrentie.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\updates\7.10.0_43917\bittorrentie.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-15] (Conexant Systems, Inc.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-09-30] ()
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2013-02-08] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2013-02-08] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Philips Device Listener] => C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-02-15] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-11-13] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [BitTorrent] => C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe [2150088 2017-07-02] (BitTorrent Inc.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.19.0.dll [2017-11-13] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1443460809-2058308057-2046692019-1001] => 127.0.0.1:8013
Tcpip\Parameters: [DhcpNameServer] 10.0.10.1 192.168.10.1
Tcpip\..\Interfaces\{D58DC935-FA05-437B-BA74-886A24E255C4}: [DhcpNameServer] 10.0.10.1 192.168.10.1

Internet Explorer:
==================
URLSearchHook: [S-1-5-21-1443460809-2058308057-2046692019-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {24AB7B16-6C04-4E62-BADB-A3AF9C7BA5B2} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {28DBDC09-CD74-4291-80D1-789ACD6F9883} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {4E0C853B-1E34-451A-B946-3B8D7C8BCE5D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&r ... {startPage}
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {6BC336E0-0860-4AFD-B849-E13CABFBD077} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {764482F2-C192-4032-B5B2-7848E6928461} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {8C35819E-0D88-4E0F-8946-73D1764A9500} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {A82AFC07-BDDB-4D91-91BD-B3D6AB1E5B87} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {CFDE9E19-18B2-4AC6-9F1E-14BD87C69D29} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-12-23] (IObit)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-26] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-26] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\lisxg3qz.default-1478951034493
FF Homepage: hxxps://www.pesweb.cz/cz/naplnte-misky
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-06-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-06-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-08-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll [2013-03-12] ()
FF Extension: No Name - C:\Users\Martina\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2017-11-10]
FF Extension: No Name - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\lisxg3qz.default-1478951034493\Extensions\s3google@translator.xpi [2017-11-28] [not signed]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2017-11-16] [not signed]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.pesweb.cz/cz/naplnte-misky"
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Dokumenty) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Disk Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-21]
CHR Extension: (IBM Security Rapport) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2017-11-27]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-21]
CHR Extension: (Tabulky) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (Gmail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-21]
CHR Extension: (Chrome Media Router) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-20]
CHR HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-30] (Qualcomm Atheros Commnucations) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-12] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-12] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-11-13] (Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2520928 2016-03-03] (ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1738808 2015-09-29] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6951992 2015-09-29] (GOG.com)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-05-27] (IObit)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2142728 2016-11-07] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2209296 2016-11-07] (Electronic Arts)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2350064 2017-09-28] (IBM Corp.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-30] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2016-05-16] ()
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-30] (Qualcomm Atheros)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-24] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-04-14] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2016-04-14] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2016-04-14] (ESET)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2011-07-15] (GEAR Software Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2016-05-16] ()
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [384312 2017-09-28] (IBM Corp.)
R4 RapportCerberus_1804068; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804068.sys [1269696 2017-09-07] (IBM Corp.)
R1 RapportCerberus_1804077; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804077.sys [1271448 2017-11-29] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [585432 2017-09-28] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [253912 2017-09-28] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [507960 2017-09-28] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [610616 2017-09-28] (IBM Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [36288 2013-07-02] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [247216 2013-07-01] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-29 20:32 - 2017-11-29 20:32 - 00001594 _____ C:\Users\Martina\Desktop\AdwCleaner[C3].txt
2017-11-28 19:34 - 2017-11-28 19:35 - 08261584 _____ (Malwarebytes) C:\Users\Martina\Desktop\adwcleaner_7.0.4.0.exe
2017-11-27 17:56 - 2017-11-27 17:57 - 11605074 _____ C:\Users\Martina\Downloads\skříňka koupelna (v.7).skp
2017-11-27 15:46 - 2017-11-27 20:34 - 3901839442 _____ C:\Users\Martina\Downloads\Dances with Wolves (Tanec s vlky) 1990 BRrip Director's cut orig zneni 1280x536.mkv
2017-11-22 23:15 - 2017-11-23 00:26 - 937783038 _____ C:\Users\Martina\Downloads\Copo-eleco.mp4
2017-11-16 23:29 - 2017-11-17 00:14 - 828540167 _____ C:\Users\Martina\Downloads\Die Geschwister.mp4
2017-11-15 20:53 - 2017-11-15 21:25 - 00000000 ____D C:\Users\Martina\Downloads\War For The Planet Of The Apes (2017) [YTS.AG]
2017-11-15 20:49 - 2017-11-15 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-11-14 18:11 - 2017-11-14 19:01 - 897599508 _____ C:\Users\Martina\Downloads\Loggerheads.avi
2017-11-14 15:18 - 2017-11-14 17:10 - 2009763008 _____ C:\Users\Martina\Downloads\Rosie.avi
2017-11-14 14:18 - 2017-11-14 14:59 - 734078976 _____ C:\Users\Martina\Downloads\Dog Tags.avi
2017-11-14 13:37 - 2017-11-14 14:18 - 733100032 _____ C:\Users\Martina\Downloads\3-Day Weekend.avi
2017-11-14 01:40 - 2017-11-14 02:21 - 735942656 _____ C:\Users\Martina\Downloads\LolaUndBilidikid.avi
2017-11-14 00:17 - 2017-11-28 00:55 - 00000000 ____D C:\Users\Martina\Downloads\Subs
2017-11-13 22:35 - 2017-11-13 23:21 - 820457268 _____ C:\Users\Martina\Downloads\Radiant.Sea.(Lichtes. Meer).2015.SCREENER.x264.AC3.mp4
2017-11-13 21:09 - 2017-11-13 22:01 - 923152946 _____ C:\Users\Martina\Downloads\[yaoiotaku.com] Takumi-kun 3 - Bibou no Detail.avi
2017-11-13 11:26 - 2017-11-13 11:26 - 00051016 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2017-11-13 11:26 - 2017-11-13 11:26 - 00045672 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2017-11-13 11:26 - 2017-11-13 11:26 - 00045640 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2017-11-13 11:26 - 2017-11-13 11:26 - 00045640 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2017-11-13 04:50 - 2017-11-13 04:50 - 00076335 _____ C:\Users\Martina\Downloads\The.Falls.Covenant.of.Grace.2016.en.srt.srt
2017-11-13 02:31 - 2017-11-13 02:31 - 00088285 _____ C:\Users\Martina\Downloads\Testament-of-love-82.srt
2017-11-12 23:38 - 2017-11-12 23:42 - 733740122 _____ C:\Users\Martina\Downloads\[ Torrent9.tv ] A.Bras.Ouverts.2017.FRENCH.BDRip.XviD-GZR.avi
2017-11-09 12:37 - 2017-11-09 14:11 - 1392947410 _____ C:\Users\Martina\Downloads\Kruh-1-(The-Ring)-CZ.avi
2017-11-09 10:48 - 2017-11-09 11:44 - 919605248 _____ C:\Users\Martina\Downloads\Sinister-2012_CZ_Dabing_.avi
2017-11-05 16:12 - 2017-11-05 16:12 - 00027175 _____ C:\Users\Martina\Downloads\Suburra-la-serie-S01E10(0000293119).srt
2017-11-02 17:25 - 2017-11-02 17:25 - 00023807 _____ C:\Users\Martina\Downloads\Suburra-la-serie-S01E09(0000292947).srt
2017-11-02 17:19 - 2017-11-02 17:19 - 00027974 _____ C:\Users\Martina\Downloads\Suburra-la-serie-S01E08(0000292644).srt
2017-10-31 18:41 - 2017-11-29 20:22 - 00000000 ____D C:\Users\Martina\AppData\LocalLow\BitTorrent
2017-10-30 19:51 - 2017-10-30 19:51 - 00029805 _____ C:\Users\Martina\Downloads\Suburra-la-serie-S01E07(0000292603).srt
2017-10-30 19:49 - 2017-10-30 19:49 - 00028963 _____ C:\Users\Martina\Downloads\Suburra-la-serie-S01E06(0000292426).srt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-29 20:33 - 2015-03-30 13:16 - 00000000 ____D C:\FRST
2017-11-29 20:32 - 2013-11-26 20:58 - 00000000 ____D C:\Users\Martina\AppData\Roaming\BitTorrent
2017-11-29 20:29 - 2016-11-21 17:53 - 00000000 ____D C:\Users\Martina\AppData\LocalLow\Mozilla
2017-11-29 20:29 - 2013-07-07 18:50 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Skype
2017-11-29 20:24 - 2015-04-02 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2017-11-29 20:21 - 2017-01-12 14:54 - 00000922 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-11-29 20:21 - 2012-07-26 08:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-11-29 20:19 - 2016-12-10 15:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-29 20:19 - 2016-12-01 14:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-29 20:19 - 2012-07-26 06:37 - 00000000 ____D C:\Windows
2017-11-29 20:19 - 2012-07-26 06:26 - 00262144 ___SH C:\windows\system32\config\BBI
2017-11-29 20:18 - 2016-07-09 13:43 - 00000000 ____D C:\Users\Martina\AppData\Roaming\IObit
2017-11-29 20:08 - 2015-12-14 14:14 - 00000000 ____D C:\AdwCleaner
2017-11-29 19:59 - 2017-01-12 14:54 - 00000926 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-11-29 19:38 - 2012-07-26 09:12 - 00000000 ___HD C:\Program Files\WindowsApps
2017-11-29 19:38 - 2012-07-26 09:12 - 00000000 ____D C:\windows\AUInstallAgent
2017-11-29 19:33 - 2017-05-19 13:50 - 00005434 _____ C:\windows\system32\PerfStringBackup.INI
2017-11-29 19:33 - 2013-02-08 12:38 - 19845540 _____ C:\windows\system32\perfh005.dat
2017-11-29 19:33 - 2013-02-08 12:38 - 06415030 _____ C:\windows\system32\perfc005.dat
2017-11-28 19:34 - 2013-06-19 08:07 - 19990016 ___SH C:\Users\Martina\Desktop\Thumbs.db
2017-11-28 19:10 - 2013-06-22 18:10 - 00003200 _____ C:\Users\Martina\Desktop\filmy.txt
2017-11-28 12:51 - 2013-06-22 18:03 - 00016502 _____ C:\Users\Martina\Desktop\Nový textový dokument.txt
2017-11-28 00:51 - 2013-06-19 21:29 - 00000000 ____D C:\Users\Martina\AppData\Local\CrashDumps
2017-11-27 12:05 - 2015-08-09 15:24 - 00000000 ___RD C:\Users\Martina\Dropbox
2017-11-26 16:04 - 2016-07-09 13:43 - 00000000 ____D C:\ProgramData\ProductData
2017-11-23 15:10 - 2013-08-10 16:04 - 00000000 ____D C:\Users\Martina\Desktop\Složky
2017-11-19 12:31 - 2016-05-13 19:59 - 00004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-19 12:29 - 2017-09-04 02:29 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-16 18:41 - 2017-04-29 18:10 - 00003384 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-16 18:41 - 2017-04-29 18:10 - 00003256 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-16 10:02 - 2015-12-30 19:45 - 00002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-16 10:02 - 2015-12-30 19:45 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-16 09:30 - 2013-07-07 18:49 - 00000000 ____D C:\ProgramData\Skype
2017-11-16 09:29 - 2017-08-14 18:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-11-16 09:29 - 2016-12-01 14:43 - 00001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-16 09:29 - 2013-06-18 10:46 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Mozilla
2017-11-15 20:49 - 2017-01-12 14:53 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-11-15 09:35 - 2013-06-18 11:03 - 00004372 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-11-15 09:35 - 2012-07-26 09:12 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-11-15 09:35 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\Macromed
2017-11-14 16:55 - 2013-06-18 21:00 - 01412608 ___SH C:\Users\Martina\Downloads\Thumbs.db
2017-11-14 00:18 - 2013-06-18 20:54 - 00000000 ____D C:\Users\Martina\AppData\Roaming\vlc
2017-11-13 02:32 - 2015-04-20 13:23 - 00000000 ____D C:\KMPlayer
2017-11-02 17:09 - 2013-07-23 22:16 - 00000000 ____D C:\Users\Martina\Desktop\Filmy

==================== Files in the root of some directories =======

2004-06-01 16:21 - 2004-06-01 16:21 - 0289552 _____ (Microsoft Corporation) C:\Program Files (x86)\shlwapi.dll
2006-04-04 10:42 - 2006-04-04 10:42 - 0006537 _____ () C:\Program Files (x86)\XMLSchema1.xsd
2016-11-05 20:27 - 2016-11-05 20:27 - 0032038 _____ () C:\Users\Martina\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
2013-06-18 11:15 - 2013-06-18 11:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-04-18 18:31 - 2017-04-18 18:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\Quarantine.exe
C:\Users\Martina\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-27 16:16

==================== End of FRST.txt ============================

#6 Příspěvek od **Rudy** » 29 lis 2017 21:00

Otevřte poznámkový blok a zkopírujte do něj:

Start
URLSearchHook: [S-1-5-21-1443460809-2058308057-2046692019-1001] ATTENTION => Default URLSearchHook is missing
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\Ament.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Martina\AppData\Local\Temp
Task: {89D6492A-8CA9-41B3-8279-9343A3D08EE9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {C32B6957-AD68-47EA-A02A-02B1C08E9533} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat () <==== ATTENTION
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat () <==== ATTENTION

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Mataa90 · #7 Příspěvek od **Mataa90** » 29 lis 2017 21:52

Fix result of Farbar Recovery Scan Tool (x64) Version:14-12-2015
Ran by Martina (2017-11-29 21:45:26) Run:9
Running from C:\Users\Martina\Desktop\Složky\Programy\na viry\FRST-OlderVersion
Loaded Profiles: Martina (Available Profiles: Martina)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
URLSearchHook: [S-1-5-21-1443460809-2058308057-2046692019-1001] ATTENTION => Default URLSearchHook is missing
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\Ament.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Martina\AppData\Local\Temp
Task: {89D6492A-8CA9-41B3-8279-9343A3D08EE9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {C32B6957-AD68-47EA-A02A-02B1C08E9533} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Int?rn?t ??pl?r?r.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\G??gl? ?hr?m?.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\G??gl? ?hr?m?.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\L?un?h Int?rn?t ??pl?r?r ?r?ws?r.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G??gl? ?hr?m?.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Int?rn?t ??pl?r?r.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\??zill? Fir?f??.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat () <==== ATTENTION
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\??zill? Fir?f??.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat () <==== ATTENTION

EmptyTemp:
End
*****************

Could not restore Default URLSearchHook.
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\Ament.ini => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.

"C:\Users\Martina\AppData\Local\Temp" folder move:

"C:\Users\Martina\AppData\Local\Temp" => folder moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89D6492A-8CA9-41B3-8279-9343A3D08EE9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89D6492A-8CA9-41B3-8279-9343A3D08EE9}" => key removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C32B6957-AD68-47EA-A02A-02B1C08E9533}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C32B6957-AD68-47EA-A02A-02B1C08E9533}" => key removed successfully
C:\windows\System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\Windows Upgrade Notification Task" => key removed successfully
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Int?rn?t ??pl?r?r.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\G??gl? ?hr?m?.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\G??gl? ?hr?m?.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\L?un?h Int?rn?t ??pl?r?r ?r?ws?r.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G??gl? ?hr?m?.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Int?rn?t ??pl?r?r.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\??zill? Fir?f??.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat () <==== ATTENTION => Error: No automatic fix found for this entry.
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\??zill? Fir?f??.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat () <==== ATTENTION => Error: No automatic fix found for this entry.
EmptyTemp: => 943.1 MB temporary data Removed.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2017-11-29 21:48:55)

C:\ProgramData\DP45977C.lfl => Is moved successfully

==== End of Fixlog 21:48:55 ====

#8 Příspěvek od **Rudy** » 29 lis 2017 21:56

Smazáno. Nastala nějaká změna?

Mataa90 · #9 Příspěvek od **Mataa90** » 29 lis 2017 22:34

Vypadá to, že ano. Děkuji!

#10 Příspěvek od **Rudy** » 30 lis 2017 19:06

Nemáte zač!

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu