
Preventive check - please review

nulggath
Visitor
Posts: 12
Registered: 21 Jan 2017 16:58

#1 Post by nulggath »

Please check my log. The laptop hasn't been running the way it should lately, and above all, browsing the internet is pretty much impossible because of constant pop-up windows and annoying ads. I tried cleaning with CCleaner and Spybot, but none of it helped, and when I reinstall the browser, it stays 'clean' for only a few hours. Could it be a rootkit or something similar?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by lkpaldus (administrator) on LUKAS (30-08-2017 22:34:44)
Running from C:\Users\lkpaldus\Desktop
Loaded Profiles: lkpaldus (Available Profiles: lkpaldus)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
() C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Genius\Gila\trayicon.exe
(CyberGhost S.R.L.) C:\Program Files\CyberGhost 5\CyberGhost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\lkpaldus\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\lkpaldus\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-31] ()
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe********************************************* [107192 2012-08-24] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-03-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-07-25] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [kbdsprt] => [X]
HKLM-x32\...\Run: [Gila] => C:\Program Files (x86)\Genius\Gila\mousehid.exe [307712 2013-01-07] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2584240 2015-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SafeQ Client] => C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [259072 2012-08-01] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25607952 2017-08-04] (Google)
HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [426600 2016-01-11] (CyberGhost S.R.L.)
HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\...\MountPoints2: {5605fe6c-2b78-11e7-800b-dc85de6a2aac} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\...\MountPoints2: {5605fe82-2b78-11e7-800b-dc85de6a2aac} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\...\MountPoints2: {5fb5abe9-1c8c-11e4-bef1-dc85de6a2aac} - "G:\LG_PC_Programs.exe"
HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\...\MountPoints2: {6893dd50-cc9b-11e2-be74-dc85de6a2aac} - "F:\Setup.exe"
HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\...\MountPoints2: {6ce78589-106c-11e6-bfdf-08606e0347ff} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\...\MountPoints2: {71b82c8a-9e2d-11e3-824e-806e6f6e6963} - "E:\Setup.exe"
HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\...\MountPoints2: {9333c520-2ce7-11e6-bfe3-08606e0347ff} - "G:\AutoRun.exe"
HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\...\MountPoints2: {971d9cfa-7e6e-11e5-bfb5-dc85de6a2aac} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => No File
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-10-31]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2015-05-14]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Rychlé spuštění.lnk [2016-02-18]
ShortcutTarget: SOLIDWORKS 2015 Rychlé spuštění.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\Users\lkpaldus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2015-08-31]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 94.127.128.130 94.127.129.2
Tcpip\..\Interfaces\{CAA28AFA-B36D-48CB-A3B9-9B01EE0B47BD}: [DhcpNameServer] 94.127.128.130 94.127.129.2
Tcpip\..\Interfaces\{CE9C982B-7315-472B-9DDE-23C5BF51591B}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2082873774-2060557047-3007381998-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2082873774-2060557047-3007381998-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2082873774-2060557047-3007381998-1002 -> {990CD034-F663-4C58-8CF0-B077DFBF66C3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-08-13] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-31] (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-07-06] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-08-13] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-01-03] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-07-06] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-03] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 568lslkl.default
FF ProfilePath: C:\Users\lkpaldus\AppData\Roaming\Mozilla\Firefox\Profiles\568lslkl.default [2017-08-30]
FF Extension: (Avast SafePrice) - C:\Users\lkpaldus\AppData\Roaming\Mozilla\Firefox\Profiles\568lslkl.default\Extensions\sp@avast.com.xpi [2017-08-26]
FF Extension: (Avast Online Security) - C:\Users\lkpaldus\AppData\Roaming\Mozilla\Firefox\Profiles\568lslkl.default\Extensions\wrc@avast.com.xpi [2017-08-17]
FF Extension: (Adblock Plus) - C:\Users\lkpaldus\AppData\Roaming\Mozilla\Firefox\Profiles\568lslkl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-08-08]
FF Extension: (Firefox Screenshots) - C:\Users\lkpaldus\AppData\Roaming\Mozilla\Firefox\Profiles\568lslkl.default\features\{56a41623-7a71-44f1-a78b-b934415aa66b}\screenshots@mozilla.org.xpi [2017-08-26]
FF ProfilePath: C:\Users\lkpaldus\AppData\Roaming\KompoZer\Profiles\70x1sjw7.default [2014-01-19]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-05-08] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2014-10-23] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2017-01-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2017-01-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-05-08] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [No File]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\286587843.js [2017-08-15] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\286587843.cfg [2017-08-15] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.novinky.cz/koktejl/321387-sonda-por ... agonu.html
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.seznam.cz/ ... clid=22668"
CHR Profile: C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default [2017-08-30]
CHR Extension: (Adblock Plus) - C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-12]
CHR Extension: (H.265 / HEVC player) - C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\dambgipgbnhmnkdolkljibpcbocimnpd [2016-12-06]
CHR Extension: (Infected Mushroom) - C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobnnindgjlefbclgkdfgjaikcdiaone [2017-07-28]
CHR Extension: (Tables) - C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-07-09]
CHR Extension: (Cesta skrz Středozem) - C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgkjeheegjnnmheaflhdocglkiegoni [2014-12-08]
CHR Extension: (Ghostery) - C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-08-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Chrome Media Router) - C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-09]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-07-25] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-08-31] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-07-25] (AVAST Software)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2015-03-19] (Microsoft Corporation)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11] (CyberGhost S.R.L)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe [71512 2017-07-31] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-03-13] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-03-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-03-13] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-02-18] (SolidWorks) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-31] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320008 2017-07-25] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-07-25] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-07-25] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57728 2017-07-25] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [82936 2016-10-26] (AVAST Software)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [46984 2017-07-06] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41800 2017-07-06] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [146704 2017-08-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110352 2017-07-06] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84392 2017-07-06] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1015880 2017-08-09] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [585608 2017-07-06] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [198768 2017-07-06] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361336 2017-07-06] (AVAST Software)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
S3 cmnxusbser; C:\WINDOWS\system32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (Wireless Data Device)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283200 2013-06-03] (DT Soft Ltd)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38032 2015-03-13] (NVIDIA Corporation)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R1 {2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64; C:\WINDOWS\System32\drivers\{2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64.sys [61632 2014-08-09] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-30 22:34 - 2017-08-30 22:34 - 000029783 _____ C:\Users\lkpaldus\Desktop\FRST.txt
2017-08-30 22:34 - 2017-08-30 22:34 - 000000000 ____D C:\FRST
2017-08-30 22:33 - 2017-08-30 22:33 - 000112640 _____ (forum.viry.cz) C:\Users\lkpaldus\Desktop\FRSTLauncher.exe
2017-08-30 22:30 - 2017-08-30 22:23 - 002395648 _____ (Farbar) C:\Users\lkpaldus\Desktop\FRST64.exe
2017-08-30 22:23 - 2017-08-30 22:23 - 002395648 _____ (Farbar) C:\Users\lkpaldus\Downloads\FRST64.exe
2017-08-30 22:22 - 2017-08-30 22:22 - 000000000 ____D C:\Users\Public\Documents\Pioneer DJ
2017-08-30 22:22 - 2017-08-30 22:22 - 000000000 ____D C:\Users\lkpaldus\Documents\rekordbox
2017-08-30 22:22 - 2017-08-30 22:22 - 000000000 ____D C:\ProgramData\SafeNet Sentinel
2017-08-30 22:21 - 2017-08-30 22:21 - 000000000 ____D C:\Users\lkpaldus\AppData\Roaming\Pioneer
2017-08-30 22:19 - 2017-08-30 22:19 - 000000777 _____ C:\Users\lkpaldus\Desktop\rekordbox_x64.lnk
2017-08-30 22:19 - 2017-08-30 22:19 - 000000000 ____D C:\Users\lkpaldus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pioneer
2017-08-30 22:17 - 2017-08-30 22:19 - 000000000 ____D C:\Program Files\Pioneer
2017-08-30 21:47 - 2017-08-30 21:48 - 162642873 _____ C:\Users\lkpaldus\Downloads\Install_rekordbox_x64_4_5_0.zip
2017-08-30 21:24 - 2017-07-07 14:28 - 000000000 ____D C:\Users\lkpaldus\Desktop\Visací zámek - Punk
2017-08-30 21:19 - 2017-08-30 21:19 - 000021065 _____ C:\Users\lkpaldus\Downloads\[CzT]Tomas_Klus_Ziv_je_2017_.torrent
2017-08-30 21:18 - 2017-08-30 21:18 - 000015817 _____ C:\Users\lkpaldus\Downloads\[CzT]Wohnout_Sladkych_dvacet_na_Vyzlovce_2016_.torrent
2017-08-30 21:17 - 2017-08-30 21:20 - 052056521 _____ C:\Users\lkpaldus\Downloads\Visací zámek - Punk.rar
2017-08-28 14:16 - 2017-08-28 14:16 - 000060580 _____ C:\Users\lkpaldus\Downloads\Game.of.Thrones.S07E07.WEB.H264-STRIFE.srt
2017-08-27 06:00 - 2017-08-27 06:00 - 000452177 _____ C:\Users\lkpaldus\Downloads\3a8ff138-7049-4e60-a033-dd517f274473.zip
2017-08-27 05:53 - 2017-08-27 05:53 - 000036499 _____ C:\Users\lkpaldus\Downloads\c41f93b2-7d98-4313-84e3-2d309738e22a.zip
2017-08-27 05:51 - 2017-08-27 05:51 - 000000022 _____ C:\Users\lkpaldus\Downloads\48d8e528-58bb-48e5-95cd-4d1343dbebba.zip
2017-08-27 03:57 - 2017-08-27 03:57 - 001428155 _____ C:\Users\lkpaldus\Downloads\263fd916-4439-4dfa-b616-76329333fe49.zip
2017-08-26 22:31 - 2017-08-26 22:31 - 005263054 _____ C:\Users\lkpaldus\Downloads\Serato DJ Intro 1.2.9(1).zip
2017-08-26 22:17 - 2017-08-26 22:17 - 000002519 _____ C:\Users\Public\Desktop\Serato DJ .lnk
2017-08-26 22:09 - 2017-08-26 22:13 - 239380812 _____ C:\Users\lkpaldus\Downloads\Serato DJ 1.9.7.zip
2017-08-26 22:00 - 2017-08-26 22:00 - 005263054 _____ C:\Users\lkpaldus\Downloads\Serato DJ Intro 1.2.9 (1).zip
2017-08-26 20:04 - 2017-08-26 22:05 - 000001179 _____ C:\Users\Public\Desktop\DJ Intro.lnk
2017-08-26 20:02 - 2017-08-26 20:02 - 005263054 _____ C:\Users\lkpaldus\Downloads\Serato DJ Intro 1.2.9.zip
2017-08-25 20:09 - 2017-08-25 20:09 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-08-23 21:09 - 2017-08-23 21:09 - 000145491 _____ C:\Users\lkpaldus\Downloads\The-LEGO-Batman-Movie(0000287831).srt
2017-08-23 10:18 - 2017-08-23 10:18 - 000002232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-23 10:18 - 2017-08-23 10:18 - 000002194 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2017-08-21 20:33 - 2017-08-21 20:33 - 000056906 _____ C:\Users\lkpaldus\Downloads\The-Girl-with-All-the-Gifts(0000282203).srt
2017-08-21 20:14 - 2017-08-21 20:14 - 000035500 _____ C:\Users\lkpaldus\Downloads\The Girl with All the Gifts (2016) [1080p] [YTS.AG].torrent
2017-08-21 19:13 - 2017-08-21 19:13 - 000040768 _____ C:\Users\lkpaldus\Downloads\Fences (2016) [720p] [YTS.AG].torrent
2017-08-21 17:45 - 2017-08-21 17:45 - 000031257 _____ C:\Users\lkpaldus\Downloads\The LEGO Batman Movie (2017) [720p] [YTS.AG].torrent
2017-08-20 20:41 - 2017-08-20 20:41 - 000000508 _____ C:\Users\lkpaldus\Desktop\PALDUS JOSEF.p12 – zástupce.lnk
2017-08-19 23:42 - 2017-08-19 23:42 - 000527423 _____ ( ) C:\Users\lkpaldus\Downloads\Lame_v3.99.3_for_Windows.exe
2017-08-19 23:15 - 2017-08-19 23:15 - 000000000 ____D C:\Users\lkpaldus\Documents\Audacity
2017-08-19 21:48 - 2017-08-27 21:15 - 000000000 ____D C:\Users\lkpaldus\AppData\Roaming\audacity
2017-08-19 21:48 - 2017-08-19 21:48 - 000001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2017-08-19 21:48 - 2017-08-19 21:48 - 000001025 _____ C:\Users\Public\Desktop\Audacity.lnk
2017-08-19 21:48 - 2017-08-19 21:48 - 000000000 ____D C:\Users\lkpaldus\AppData\Local\Audacity
2017-08-19 21:48 - 2017-08-19 21:48 - 000000000 ____D C:\Program Files (x86)\Audacity
2017-08-19 21:47 - 2017-08-19 21:48 - 027113272 _____ (Audacity Team ) C:\Users\lkpaldus\Downloads\audacity-win-2.1.3.exe
2017-08-19 18:38 - 2017-08-19 18:38 - 000000000 ____D C:\Users\lkpaldus\Desktop\NowSmart Recordings
2017-08-19 16:06 - 2017-08-19 16:06 - 003963032 _____ C:\Users\lkpaldus\Downloads\arw6.exe
2017-08-18 20:21 - 2017-08-18 20:31 - 093006025 _____ C:\Users\lkpaldus\Downloads\Paulie-Garand---NIRVANA-ALBUM-(2017).rar
2017-08-18 10:23 - 2017-08-18 10:23 - 000000000 ____D C:\Users\lkpaldus\Documents\Bluetooth Folder
2017-08-17 23:47 - 2017-08-17 23:47 - 000001409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-08-17 23:47 - 2017-08-17 23:47 - 000001397 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-08-17 23:47 - 2017-08-17 23:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-08-17 23:47 - 2017-05-23 09:22 - 000032240 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2017-08-17 23:38 - 2017-08-17 23:38 - 051725936 _____ (Safer-Networking Ltd. ) C:\Users\lkpaldus\Downloads\spybotsd-2.6.46.exe
2017-08-17 23:36 - 2017-08-17 23:36 - 000000085 _____ C:\WINDOWS\wininit.ini
2017-08-17 21:42 - 2017-08-26 22:46 - 000000000 ____D C:\Users\lkpaldus\Desktop\P
2017-08-17 21:11 - 2017-08-17 21:19 - 090013988 _____ C:\Users\lkpaldus\Downloads\blender-2.78c-windows64.msi
2017-08-17 13:47 - 2017-08-17 13:47 - 000099177 _____ C:\Users\lkpaldus\Downloads\Gifted(0000289314).srt
2017-08-17 13:37 - 2017-08-17 13:37 - 006753408 _____ (ESET spol. s r.o.) C:\Users\lkpaldus\Downloads\esetonlinescanner_csy.exe
2017-08-17 13:37 - 2017-08-17 13:37 - 000000000 ____D C:\Users\lkpaldus\AppData\Local\ESET
2017-08-16 00:09 - 2017-08-16 00:09 - 000000000 ____D C:\ProgramData\MTA San Andreas All
2017-08-15 23:12 - 2017-08-15 23:12 - 000019263 _____ C:\Users\lkpaldus\Downloads\Grand.Theft.Auto.San.Andreas - SKIDROW.torrent
2017-08-15 22:01 - 2017-08-15 22:01 - 000000980 _____ C:\Users\Public\Desktop\Traktor 2.lnk
2017-08-15 22:01 - 2017-08-15 22:01 - 000000000 __HDC C:\ProgramData\{53DC627C-2EC2-49E2-8DA7-F6013C8DAF5C}
2017-08-15 21:56 - 2017-08-15 21:56 - 000000000 __HDC C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2017-08-15 21:56 - 2017-08-15 21:56 - 000000000 __HDC C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2017-08-15 21:55 - 2017-08-15 21:55 - 000000000 __HDC C:\ProgramData\{DB2B4DA2-022F-4A27-A450-A6EB6677CA43}
2017-08-15 21:55 - 2017-08-15 21:55 - 000000000 __HDC C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2017-08-15 21:55 - 2017-08-15 21:55 - 000000000 __HDC C:\ProgramData\{1A60280D-28AA-4D0E-9E05-8E115B994BEF}
2017-08-15 21:54 - 2017-08-15 21:54 - 000000000 __HDC C:\ProgramData\{4FB3245C-1B65-4959-A8DA-A365D75D0AF4}
2017-08-15 21:54 - 2017-08-15 21:54 - 000000000 __HDC C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6}
2017-08-15 21:54 - 2017-08-15 21:54 - 000000000 __HDC C:\ProgramData\{018F1C44-00D1-417B-B251-92A5634F74AE}
2017-08-15 21:54 - 2017-08-15 21:54 - 000000000 __HDC C:\ProgramData\{001400D9-8BC8-4B5C-892D-B224C94ECAF0}
2017-08-15 21:53 - 2017-08-15 21:53 - 000000000 __HDC C:\ProgramData\{EBAC69E7-D48F-4CC3-BD51-4AA55B9E55DC}
2017-08-15 21:53 - 2017-08-15 21:53 - 000000000 __HDC C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2017-08-15 21:53 - 2017-08-15 21:53 - 000000000 __HDC C:\ProgramData\{526CA30B-D871-406E-A018-ABE05E66D65B}
2017-08-15 21:52 - 2017-08-15 21:52 - 000000000 __HDC C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2017-08-15 21:52 - 2017-08-15 21:52 - 000000000 __HDC C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2017-08-15 21:52 - 2017-08-15 21:52 - 000000000 __HDC C:\ProgramData\{5BEDCDDD-6193-41E1-8C9B-C688715F85CD}
2017-08-15 21:52 - 2017-08-15 21:52 - 000000000 __HDC C:\ProgramData\{571BB2D7-5EB2-4D33-9E0D-0D95E2CB9AE0}
2017-08-15 21:51 - 2017-08-15 21:51 - 000000000 __HDC C:\ProgramData\{8D4C602D-E844-4297-BB00-303F1AFBDCBE}
2017-08-15 21:51 - 2017-08-15 21:51 - 000000000 __HDC C:\ProgramData\{4D0E48A9-ECF9-4029-9600-9F629A79750C}
2017-08-15 21:50 - 2017-08-15 21:50 - 000001072 _____ C:\Users\Public\Desktop\Controller Editor.lnk
2017-08-15 21:50 - 2017-08-15 21:50 - 000000000 __HDC C:\ProgramData\{E08B3CF8-17F6-42A9-822C-B111A3E743A6}
2017-08-15 21:50 - 2017-08-15 21:50 - 000000000 __HDC C:\ProgramData\{42DEBD12-9D09-4B77-B434-2EF604E45D3D}
2017-08-15 21:41 - 2017-08-15 21:41 - 000001037 _____ C:\Users\Public\Desktop\Service Center.lnk
2017-08-15 21:41 - 2017-08-15 21:41 - 000000000 __HDC C:\ProgramData\{90D8CE90-3E6B-4034-A281-BC9F19B60A5B}
2017-08-15 21:16 - 2017-08-15 21:16 - 000925696 _____ C:\Users\lkpaldus\Downloads\Native_Instruments_TraktorScratch_Pro_2.10.3.29_crack.iso
2017-08-15 16:40 - 2017-08-15 16:40 - 000043051 _____ C:\Users\lkpaldus\Downloads\Game.of.Thrones.S07E05.HDTV.x264-SVA.srt
2017-08-12 13:49 - 2017-08-29 18:54 - 000000000 ____D C:\Users\lkpaldus\Desktop\deep
2017-08-09 23:04 - 2017-08-09 23:04 - 000000000 ____D C:\Users\lkpaldus\AppData\Local\Serato
2017-08-09 23:02 - 2017-08-09 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-08-09 23:01 - 2017-08-09 23:03 - 000000000 ____D C:\Program Files (x86)\QuickTime
2017-08-09 22:59 - 2017-08-09 22:59 - 000000000 ____D C:\Users\lkpaldus\AppData\LocalLow\Apple Computer
2017-08-09 22:58 - 2017-08-26 22:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serato
2017-08-09 22:54 - 2017-08-09 22:54 - 000706674 _____ C:\Users\lkpaldus\Downloads\Numark Mixtrack Pro QSG.pdf
2017-08-09 19:53 - 2017-08-29 16:12 - 000000000 ____D C:\Users\lkpaldus\Desktop\top
2017-08-08 12:24 - 2017-08-08 12:24 - 001204208 _____ (Adobe Systems Incorporated) C:\Users\lkpaldus\Downloads\flashplayer26_ka_install.exe
2017-08-08 10:47 - 2017-08-08 10:48 - 000030714 _____ C:\Users\lkpaldus\Downloads\Game.of.Thrones.S07E04.HDTV.x264-SVA.srt
2017-08-07 21:11 - 2017-08-30 22:33 - 000000000 ____D C:\Users\lkpaldus\AppData\LocalLow\Mozilla
2017-08-07 21:11 - 2017-08-26 20:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-07 21:11 - 2017-08-26 20:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-07 21:11 - 2017-08-17 22:53 - 000001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-08-07 21:11 - 2017-08-17 22:53 - 000001165 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-08-07 21:11 - 2017-08-07 21:16 - 000000000 ____D C:\Users\lkpaldus\AppData\Local\Mozilla
2017-08-07 21:02 - 2017-08-07 21:02 - 000000000 _____ C:\Users\lkpaldus\Downloads\stažený soubor (4)
2017-08-07 21:00 - 2017-08-07 21:00 - 000266328 _____ (Mozilla) C:\Users\lkpaldus\Downloads\Firefox Setup Stub 54.0.1.exe
2017-08-07 21:00 - 2017-08-07 21:00 - 000000000 _____ C:\Users\lkpaldus\Downloads\stažený soubor (3)
2017-08-07 20:58 - 2017-08-07 20:58 - 000000000 _____ C:\Users\lkpaldus\Downloads\stažený soubor (2)
2017-08-07 20:58 - 2017-08-07 20:58 - 000000000 _____ C:\Users\lkpaldus\Downloads\stažený soubor (1)
2017-08-07 20:58 - 2017-08-07 20:58 - 000000000 _____ C:\Users\lkpaldus\Downloads\stažený soubor

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-30 22:36 - 2013-06-06 19:19 - 000000000 ____D C:\Users\lkpaldus\AppData\Roaming\uTorrent
2017-08-30 22:25 - 2013-06-04 00:27 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2082873774-2060557047-3007381998-1002
2017-08-30 22:16 - 2014-03-09 15:23 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-30 21:24 - 2013-11-14 14:40 - 001847990 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-30 21:24 - 2013-11-14 14:24 - 000773738 _____ C:\WINDOWS\system32\perfh005.dat
2017-08-30 21:24 - 2013-11-14 14:24 - 000168820 _____ C:\WINDOWS\system32\perfc005.dat
2017-08-30 21:24 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2017-08-30 20:03 - 2014-02-25 22:07 - 000003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B6F2E136-AC3F-430B-8F65-234A5E5448DD}
2017-08-30 07:14 - 2013-06-04 05:01 - 000000000 ____D C:\Users\lkpaldus\AppData\Local\Adobe
2017-08-29 22:22 - 2013-06-03 20:45 - 000000000 ____D C:\Users\lkpaldus\AppData\Local\CrashDumps
2017-08-28 19:24 - 2014-01-04 13:39 - 000000000 ____D C:\Users\lkpaldus\AppData\Roaming\vlc
2017-08-26 22:17 - 2017-07-05 20:55 - 000000000 ____D C:\Program Files (x86)\Serato
2017-08-26 20:18 - 2017-02-08 23:11 - 000004172 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-08-26 20:15 - 2013-06-04 00:22 - 000000423 _____ C:\Users\lkpaldus\AppData\Roaming\sp_data.sys
2017-08-26 20:09 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-26 20:08 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2017-08-25 20:06 - 2014-02-25 17:11 - 000000000 ____D C:\Users\lkpaldus
2017-08-24 20:54 - 2013-06-03 17:10 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-23 10:18 - 2013-06-04 00:50 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-22 14:05 - 2017-03-17 19:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-08-20 16:38 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-19 18:37 - 2012-10-31 02:31 - 000000000 ____D C:\ProgramData\Temp
2017-08-18 11:46 - 2017-05-03 21:00 - 000000000 ____D C:\Users\lkpaldus\Desktop\mobil
2017-08-18 06:04 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-08-17 23:53 - 2014-06-07 08:31 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-08-17 23:49 - 2014-06-07 08:30 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-08-17 22:58 - 2013-06-04 06:16 - 000000000 ____D C:\Program Files (x86)\EA Games
2017-08-17 19:11 - 2013-06-03 18:07 - 003686912 ___SH C:\Users\lkpaldus\Desktop\Thumbs.db
2017-08-15 22:04 - 2017-07-05 21:43 - 000000000 ____D C:\Users\lkpaldus\Documents\Native Instruments
2017-08-15 21:57 - 2017-07-05 21:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2017-08-15 21:56 - 2017-07-06 00:16 - 000000000 ____D C:\Program Files\Native Instruments
2017-08-15 21:49 - 2017-07-06 00:16 - 000000000 ____D C:\Program Files\Common Files\Native Instruments
2017-08-15 21:18 - 2016-06-20 14:16 - 000001313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-08-15 21:18 - 2014-02-25 18:34 - 000001630 _____ C:\Users\lkpaldus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-08-15 21:18 - 2013-06-03 17:10 - 000002407 _____ C:\Users\lkpaldus\Desktop\Google Chrome.lnk
2017-08-15 21:17 - 2013-06-03 17:07 - 000000000 ____D C:\Users\lkpaldus\AppData\Roaming\DAEMON Tools Lite
2017-08-13 19:56 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-08-13 19:54 - 2014-01-22 09:16 - 000000000 ____D C:\Program Files\Microsoft Office 15
2017-08-12 14:18 - 2016-06-20 14:16 - 000003886 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1466424997
2017-08-10 03:29 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-09 23:01 - 2013-06-05 15:17 - 001015880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-08-09 23:01 - 2013-06-05 15:17 - 000146704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2017-08-07 21:11 - 2014-01-19 17:33 - 000000000 ____D C:\Users\lkpaldus\AppData\Roaming\Mozilla

==================== Files in the root of some directories =======

2013-06-26 14:28 - 2013-06-26 14:28 - 000000021 _____ () C:\Users\lkpaldus\AppData\Roaming\my_intel.sys
2014-03-28 19:13 - 2014-03-29 10:59 - 000034816 _____ () C:\Users\lkpaldus\AppData\Roaming\RZR_00601fb0476ca7667f2cbf37279b.db
2013-06-04 00:22 - 2017-08-26 20:15 - 000000423 _____ () C:\Users\lkpaldus\AppData\Roaming\sp_data.sys
2017-05-07 14:43 - 2017-05-07 14:43 - 000001269 _____ () C:\Users\lkpaldus\AppData\Local\recently-used.xbel
2015-02-18 17:09 - 2015-02-18 17:09 - 000000262 _____ () C:\Users\lkpaldus\AppData\Local\SocialModCfg.txt
2012-08-04 19:37 - 2012-07-30 08:03 - 000000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-04 19:37 - 2009-07-22 12:04 - 000024576 _____ () C:\ProgramData\SetStretch.exe

Files to move or delete:
====================
C:\Users\lkpaldus\multibit-hd-windows-x64-0.3.0.exe
C:\Users\lkpaldus\multibit-windows-x64-0.4.1.exe
C:\Users\lkpaldus\multibit-windows-x64-0.5.1.exe


Some files in TEMP:
====================
2017-08-17 22:57 - 2004-11-18 22:25 - 000335872 _____ (Electronic Arts Inc.) C:\Users\lkpaldus\AppData\Local\Temp\eauninstall.exe
2017-08-17 22:58 - 2004-10-29 14:19 - 000073728 _____ (EA) C:\Users\lkpaldus\AppData\Local\Temp\The Battle for Middle-earth_uninst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\lkpaldus\Desktop" je 6314 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.rar
(18.86 KiB) Downloaded 80 times

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: preventive check - please review

#2 Post by Márty84 »

Hello :)

:arrow: Uninstall Spybot; it is outdated and useless.

:arrow: Download CrystalDiskInfo http://www.slunecnice.cz/sw/crystaldiskinfo/
Install it (watch out for any bundled add-ons; decline them by unticking the checkbox) and run it as administrator. The result will appear after a moment.
At the top, click Úpravy (Edit) and then Kopírovat (Copy). Paste what gets copied (it is stored in memory) here for me (Ctrl + V).

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs; otherwise AdwCleaner will do it for you.
Right-click it and left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (it may also be found at C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can email me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have their email address in their signature).

nulggath
Visitor
Posts: 12
Joined: 21 Jan 2017 16:58

Re: preventive check - please review

#3 Post by nulggath »

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2017/08/31 18:19:48

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- WDC WD7500BPVT-80HXZT3
- Slimtype DVD A
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD7500BPVT-80HXZT3 : 750,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD7500BPVT-80HXZT3
----------------------------------------------------------------------------
Model : WDC WD7500BPVT-80HXZT3
Firmware : 01.01A01
Serial Number : WD-WX81E32UVL37
Disk Size : 750,1 GB (8,4/137,4/750,1/750,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1465149168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 10512 hod.
Power On Count : 6130 krát
Temperature : 27 C (80 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 176 173 _21 000000000887 Čas na roztočení ploten
04 _79 _79 __0 0000000052FF Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _86 _86 __0 000000002910 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _94 _94 __0 0000000017F2 Počet cyklů zapnutí zařízení
BF __1 __1 __0 000000000E41 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000057 Počet vypnutí disku
C1 __1 __1 __0 00000009A8CF Počet cyklů načítání/vymazání
C2 120 _99 __0 00000000001B Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů


nulggath
Visitor
Posts: 12
Joined: 21 Jan 2017 16:58

Re: preventive check - please review

#4 Post by nulggath »

# AdwCleaner 7.0.2.1 - Logfile created on Thu Aug 31 16:23:44 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 8.1 (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\All Users\Documents\XMUpdate
Deleted: C:\Users\Public\Documents\XMUpdate
Deleted: C:\Users\lkpaldus\AppData\Roaming\BROWSERMODULE


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk[https:\\launchpage.org\?uid=oTlKGKjdhx1sXu8CebUlK1FgG9vzfPn5xbF7j1098WfWAY6Gr%2Ffp4X3eJwLMYujKzCc%3D]
Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk[https:\\launchpage.org\?uid=oTlKGKjdhx1sXu8CebUlK1FgG9vzfPn5xbF7j1098WfWAY6Gr%2Ffp4X3eJwLMYujKzCc%3D]
Cleaned: C:\Users\lkpaldus\Desktop\Google Chrome.lnk[https:\\launchpage.org\?uid=oTlKGKjdhx1sXu8CebUlK1FgG9vzfPn5xbF7j1098WfWAY6Gr%2Ffp4X3eJwLMYujKzCc%3D]
Cleaned: C:\Users\lkpaldus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk[https:\\launchpage.org\?uid=oTlKGKjdhx1sXu8CebUlK1FgG9vzfPn5xbF7j1098WfWAY6Gr%2Ffp4X3eJwLMYujKzCc%3D]
Cleaned: C:\Users\lkpaldus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk[https:\\launchpage.org\?uid=oTlKGKjdhx1sXu8CebUlK1FgG9vzfPn5xbF7j1098WfWAY6Gr%2Ffp4X3eJwLMYujKzCc%3D]
Cleaned: C:\Users\lkpaldus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk[https:\\launchpage.org\?uid=oTlKGKjdhx1sXu8CebUlK1FgG9vzfPn5xbF7j1098WfWAY6Gr%2Ffp4X3eJwLMYujKzCc%3D]
Cleaned: C:\Users\lkpaldus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk[https:\\launchpage.org\?uid=oTlKGKjdhx1sXu8CebUlK1FgG9vzfPn5xbF7j1098WfWAY6Gr%2Ffp4X3eJwLMYujKzCc%3D]
Cleaned: C:\Users\lkpaldus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk[https:\\launchpage.org\?uid=oTlKGKjdhx1sXu8CebUlK1FgG9vzfPn5xbF7j1098WfWAY6Gr%2Ffp4X3eJwLMYujKzCc%3D]


***** [ Tasks ] *****

Deleted: System\SystemCheck


***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@pandonetworks.com\PandoWebPlugin
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

Startpage deleted: http://www.novinky.cz/koktejl/321387-so ... agonu.html
Startpage deleted: http://www.google.com/
Startpage deleted: http://www.seznam.cz/
Startpage deleted: http://www.facebook.com/
Startpage deleted: http://www.delta-search.com/?affID=1198 ... E6BA57B4D7
Startpage deleted: http://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=041913
Startpage deleted: http://www.search.ask.com/?o=APN10645A& ... 092-98&t=4
Startpage deleted: http://www.search.ask.com/?o=APN10645A& ... 96-124&t=4
Startpage deleted: https://www.seznam.cz/?clid=22668


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [8716 B] - [2017/1/21 17:17:27]
C:/AdwCleaner/AdwCleaner[S0].txt - [8458 B] - [2017/1/21 17:15:27]
C:/AdwCleaner/AdwCleaner[S1].txt - [5346 B] - [2017/8/31 16:23:7]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

Márty84
VIP
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: preventive check - requesting a review

#5 Post by Márty84 »

Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it occasionally produces false detections.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have been waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

nulggath
Visitor
Visitor
Posts: 12
Registered: 21 Jan 2017 16:58

Re: preventive check - requesting a review

#6 Post by nulggath »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 01.09.17
Čas skenování: 18:22
Logovací soubor: af075a5e-8f31-11e7-92d8-dc85de6a2aac.json
Správce: Ano

-Informace o softwaru-
Verze: 3.2.2.2018
Verze komponentů: 1.0.188
Aktualizovat verzi balíku komponent: 1.0.2704
Licence: Zkušební

-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: Lukas\lkpaldus

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 542655
Zjištěné hrozby: 30
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 1 hod, 9 min, 13 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 5
PUP.Optional.Sanbreel, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64, Žádná uživatelská akce, [2462], [242512],1.0.2704
PUP.Optional.OSpeedy, HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\SOFTWARE\OSpeedy Driver Updater, Žádná uživatelská akce, [1904], [344194],1.0.2704
PUP.Optional.OSpeedy, HKU\S-1-5-21-2082873774-2060557047-3007381998-1002\SOFTWARE\OSpeedy_Driver_Updater_Init, Žádná uživatelská akce, [1904], [344194],1.0.2704
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update focusbase, Žádná uživatelská akce, [39], [253983],1.0.2704
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Util focusbase, Žádná uživatelská akce, [39], [253983],1.0.2704

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 4
PUP.Optional.BrowserModule, C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\78.0_0\icon, Žádná uživatelská akce, [2148], [389742],1.0.2704
PUP.Optional.BrowserModule, C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\78.0_0\js, Žádná uživatelská akce, [2148], [389742],1.0.2704
PUP.Optional.BrowserModule, C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\78.0_0, Žádná uživatelská akce, [2148], [389742],1.0.2704
PUP.Optional.BrowserModule, C:\USERS\LKPALDUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\FNGMHNNPILHPLAEEDIFHCCCEOMCLGFBG, Žádná uživatelská akce, [2148], [389742],1.0.2704

Soubor: 21
PUP.Optional.Sanbreel, C:\WINDOWS\SYSTEM32\DRIVERS\{2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64.sys, Žádná uživatelská akce, [2462], [242512],1.0.2704
PUP.Optional.MindSpark, C:\USERS\LKPALDUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_allinonedocs.dl.myway.com_0.localstorage-journal, Žádná uživatelská akce, [259], [240305],1.0.2704
PUP.Optional.MindSpark, C:\USERS\LKPALDUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_videodownloadconverter.dl.myway.com_0.localstorage, Žádná uživatelská akce, [259], [240305],1.0.2704
PUP.Optional.MindSpark, C:\USERS\LKPALDUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_videodownloadconverter.dl.myway.com_0.localstorage-journal, Žádná uživatelská akce, [259], [240305],1.0.2704
PUP.Optional.MindSpark, C:\USERS\LKPALDUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_allinonedocs.dl.tb.ask.com_0.localstorage-journal, Žádná uživatelská akce, [259], [240306],1.0.2704
PUP.Optional.MindSpark, C:\USERS\LKPALDUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_videodownloadconverter.dl.tb.ask.com_0.localstorage, Žádná uživatelská akce, [259], [240306],1.0.2704
PUP.Optional.MindSpark, C:\USERS\LKPALDUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_videodownloadconverter.dl.tb.ask.com_0.localstorage-journal, Žádná uživatelská akce, [259], [240306],1.0.2704
PUP.Optional.ASK, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\AskToolbarInstaller-ORJ[1].7z, Žádná uživatelská akce, [516], [358503],1.0.2704
PUP.Optional.ASK, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\AskToolbarInstaller-ORJ[2].7z, Žádná uživatelská akce, [516], [358503],1.0.2704
PUP.Optional.ASK, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\AskToolbarInstaller-ORJ[3].7z, Žádná uživatelská akce, [516], [358503],1.0.2704
PUP.Optional.ASK, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\AskToolbarInstaller-ORJ[4].7z, Žádná uživatelská akce, [516], [358503],1.0.2704
Trojan.Agent.E.Generic, C:\WINDOWS\HOSTS, Žádná uživatelská akce, [1062], [353524],1.0.2704
PUP.Optional.BrowserModule, C:\USERS\LKPALDUS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\FNGMHNNPILHPLAEEDIFHCCCEOMCLGFBG\78.0_0\MANIFEST.JSON, Žádná uživatelská akce, [2148], [389742],1.0.2704
PUP.Optional.BrowserModule, C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\78.0_0\icon\icon128.png, Žádná uživatelská akce, [2148], [389742],1.0.2704
PUP.Optional.BrowserModule, C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\78.0_0\icon\icon16.png, Žádná uživatelská akce, [2148], [389742],1.0.2704
PUP.Optional.BrowserModule, C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\78.0_0\icon\icon24.png, Žádná uživatelská akce, [2148], [389742],1.0.2704
PUP.Optional.BrowserModule, C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\78.0_0\icon\icon32.png, Žádná uživatelská akce, [2148], [389742],1.0.2704
PUP.Optional.BrowserModule, C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\78.0_0\js\background.js, Žádná uživatelská akce, [2148], [389742],1.0.2704
PUP.Optional.BrowserModule, C:\Users\lkpaldus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\78.0_0\index.html, Žádná uživatelská akce, [2148], [389742],1.0.2704
PUP.Optional.FFHijacker, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\DEFAULTS\PREF\286587843.JS, Žádná uživatelská akce, [1137], [330892],1.0.2704
PUP.Optional.FFHijacker, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\286587843.CFG, Žádná uživatelská akce, [1137], [345408],1.0.2704

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Márty84
VIP
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: preventive check - requesting a review

#7 Post by Márty84 »

Have all the findings removed. After removal and a PC restart, repeat the MBAM scan so we know whether it comes back. Post the scan result and I will choose the next steps based on it.

nulggath
Visitor
Visitor
Posts: 12
Registered: 21 Jan 2017 16:58

Re: preventive check - requesting a review

#8 Post by nulggath »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 06.09.17
Čas skenování: 6:52
Logovací soubor: 3ee3168c-92bf-11e7-b7e9-dc85de6a2aac.json
Správce: Ano

-Informace o softwaru-
Verze: 3.2.2.2018
Verze komponentů: 1.0.188
Aktualizovat verzi balíku komponent: 1.0.2734
Licence: Zkušební

-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: Lukas\lkpaldus

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 543621
Zjištěné hrozby: 56
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 41 min, 6 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 3
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Žádná uživatelská akce, [8563], [399420],1.0.2734
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Žádná uživatelská akce, [8563], [399420],1.0.2734
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Žádná uživatelská akce, [8563], [399420],1.0.2734

Modul: 3
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Žádná uživatelská akce, [8563], [399420],1.0.2734
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Žádná uživatelská akce, [8563], [399420],1.0.2734
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Žádná uživatelská akce, [8563], [399420],1.0.2734

Klíč registru: 14
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G1, Žádná uživatelská akce, [546], [317313],1.0.2734
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G2, Žádná uživatelská akce, [546], [317313],1.0.2734
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G3, Žádná uživatelská akce, [546], [317313],1.0.2734
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Updater_Online_Application, Žádná uživatelská akce, [546], [391428],1.0.2734
PUP.Optional.PCSpeedUp, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, Žádná uživatelská akce, [6102], [241622],1.0.2734
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\Online Application, Žádná uživatelská akce, [546], [360190],1.0.2734
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Žádná uživatelská akce, [546], [339688],1.0.2734
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\PCSUSpeedTest_RASAPI32, Žádná uživatelská akce, [6102], [246229],1.0.2734
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\PCSUSpeedTest_RASMANCS, Žádná uživatelská akce, [6102], [246229],1.0.2734
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2CEE7C89-E7F8-4ADB-94A4-180CD3E77A0B}, Žádná uživatelská akce, [546], [317311],1.0.2734
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{611817CC-5656-40BA-AD92-F3DB95787B4C}, Žádná uživatelská akce, [546], [317311],1.0.2734
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Žádná uživatelská akce, [546], [398592],1.0.2734
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D9946820-C64E-4B20-BBC4-7484E38FA0D7}, Žádná uživatelská akce, [546], [317311],1.0.2734
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E64B4D5D-34AA-4959-B579-3812A4F11FA0}, Žádná uživatelská akce, [546], [391427],1.0.2734

Hodnota v registru: 6
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2CEE7C89-E7F8-4ADB-94A4-180CD3E77A0B}|PATH, Žádná uživatelská akce, [546], [317311],1.0.2734
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{611817CC-5656-40BA-AD92-F3DB95787B4C}|PATH, Žádná uživatelská akce, [546], [317311],1.0.2734
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D9946820-C64E-4B20-BBC4-7484E38FA0D7}|PATH, Žádná uživatelská akce, [546], [317311],1.0.2734
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E64B4D5D-34AA-4959-B579-3812A4F11FA0}|PATH, Žádná uživatelská akce, [546], [391427],1.0.2734
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|CONTACT, Žádná uživatelská akce, [546], [333852],1.0.2734
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|URLINFOABOUT, Žádná uživatelská akce, [546], [321304],1.0.2734

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 11
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0, Žádná uživatelská akce, [8563], [399420],1.0.2734
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application, Žádná uživatelská akce, [8563], [399420],1.0.2734
Adware.OnlineIO, C:\PROGRAM FILES (X86)\MICROLEAVES, Žádná uživatelská akce, [8563], [399420],1.0.2734
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Žádná uživatelská akce, [546], [391425],1.0.2734
Adware.OnlineIO, C:\ProgramData\Microleaves\Online Application\updates, Žádná uživatelská akce, [8563], [399763],1.0.2734
Adware.OnlineIO, C:\ProgramData\Microleaves\Online Application, Žádná uživatelská akce, [8563], [399763],1.0.2734
Adware.OnlineIO, C:\PROGRAMDATA\MICROLEAVES, Žádná uživatelská akce, [8563], [399763],1.0.2734
Adware.OnlineIO, C:\Users\lkpaldus\AppData\Roaming\Microleaves\Online Application 2.6.0\install\CFCBAA1, Žádná uživatelská akce, [8563], [399763],1.0.2734
Adware.OnlineIO, C:\Users\lkpaldus\AppData\Roaming\Microleaves\Online Application 2.6.0\install, Žádná uživatelská akce, [8563], [399763],1.0.2734
Adware.OnlineIO, C:\Users\lkpaldus\AppData\Roaming\Microleaves\Online Application 2.6.0, Žádná uživatelská akce, [8563], [399763],1.0.2734
Adware.OnlineIO, C:\USERS\LKPALDUS\APPDATA\ROAMING\MICROLEAVES, Žádná uživatelská akce, [8563], [399763],1.0.2734

Soubor: 19
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G1, Žádná uživatelská akce, [546], [317314],1.0.2734
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G2, Žádná uživatelská akce, [546], [317314],1.0.2734
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G3, Žádná uživatelská akce, [546], [317314],1.0.2734
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Žádná uživatelská akce, [546], [391431],1.0.2734
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\UPDATER_ONLINE_APPLICATION, Žádná uživatelská akce, [546], [391429],1.0.2734
Adware.OnlineIO, C:\PROGRAM FILES (X86)\MICROLEAVES\Online Application\Online Application Updater.exe, Žádná uživatelská akce, [8563], [399420],1.0.2734
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Žádná uživatelská akce, [8563], [399420],1.0.2734
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online.io EULA.url, Žádná uživatelská akce, [8563], [399420],1.0.2734
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online.io Privacy.url, Žádná uživatelská akce, [8563], [399420],1.0.2734
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Uninstall Online Application.lnk, Žádná uživatelská akce, [8563], [399420],1.0.2734
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.ini, Žádná uživatelská akce, [8563], [399420],1.0.2734
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\online.exe, Žádná uživatelská akce, [546], [391425],1.0.2734
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\SystemFoldermsiexec.exe, Žádná uživatelská akce, [546], [391425],1.0.2734
Adware.OnlineIO, C:\ProgramData\Microleaves\Online Application\updates\basic_updates.aiu, Žádná uživatelská akce, [8563], [399763],1.0.2734
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\UPDATER_ONLINE_APPLICATION.JOB, Žádná uživatelská akce, [546], [391430],1.0.2734
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G1.job, Žádná uživatelská akce, [546], [382506],1.0.2734
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G2.job, Žádná uživatelská akce, [546], [382506],1.0.2734
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G3.job, Žádná uživatelská akce, [546], [382506],1.0.2734
Adware.InstallMonster, C:\USERS\LKPALDUS\DOWNLOADS\SERATO-DJ-1.9.ZIP, Žádná uživatelská akce, [120], [417100],1.0.2734

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: preventive check - please review

#9 Post by Márty84 »

What are you doing there? That wasn't there before :boxed:

So remove the findings and then run a new scan. Post the results here again :-)
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have been waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

nulggath
Visitor
Posts: 12
Registered: 21 Jan 2017 16:58

Re: preventive check - please review

#10 Post by nulggath »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 10.09.17
Čas skenování: 17:52
Logovací soubor: 06a9cf5d-9640-11e7-8a68-dc85de6a2aac.json
Správce: Ano

-Informace o softwaru-
Verze: 3.2.2.2018
Verze komponentů: 1.0.188
Aktualizovat verzi balíku komponent: 1.0.2768
Licence: Zkušební

-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: Lukas\lkpaldus

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 544249
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 39 min, 47 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: preventive check - please review

#11 Post by Márty84 »

:arrow: Uninstall MBAM.

:arrow: Post new FRST logs and we'll start deleting :-)