Kontrola logu

Zpráva

baluskaaaaa · #1 Příspěvek od **baluskaaaaa** » 12 črc 2015 11:50

Zdravím!
Chtěla bych poprosit o kontrolu logu. Počítač je pomalejší, než kdy byl. Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-07-2015
Ran by Barbora (administrator) on BARBORA-PC on 12-07-2015 12:29:45
Running from C:\Users\Barbora\Desktop
Loaded Profiles: Barbora (Available Profiles: Barbora & Guest)
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Windows\System32\AsusService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\ExpressGateUtil\VAWinService.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUS) C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\ExpressGateUtil\VAWinAgent.exe
(ASUS) C:\Program Files\Asus\CapsHook\CapsHook.exe
(AsusTek Computer Inc.) C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
(ASUSTeK Computer Inc.) C:\Program Files\Asus\HotkeyService\HotkeyService.exe
(ASUSTeK Computer Inc.) C:\Program Files\Asus\HotkeyService\HotKeyMon.exe
(ASUSTeK Computer Inc.) C:\Program Files\Asus\SHE\SuperHybridEngine.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Google Inc.) C:\Users\Barbora\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
() C:\Windows\System32\lcpmncxjqa.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Users\Barbora\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-11-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [548744 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe [101288 2011-03-04] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\ASUS\HotkeyService\HotkeyService.exe [1252272 2011-03-04] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\ASUS\SHE\SuperHybridEngine.exe [413112 2011-01-27] (ASUSTeK Computer Inc.)
HKLM\...\Run: [LiveUpdate] => C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [1095080 2011-07-13] (AsusTek Computer Inc.)
HKLM\...\Run: [CapsHook] => C:\Program Files\ASUS\CapsHook\CapsHook.exe [445344 2010-11-15] (ASUS)
HKLM\...\Run: [Eee Docking] => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [419504 2011-04-14] (ASUSTek Computer Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-23] (Realtek Semiconductor)
HKLM\...\Run: [VAWinAgent] => C:\ExpressGateUtil\VAWinAgent.exe [191304 2011-01-13] ()
HKLM\...\Run: [ASUSPRP] => C:\Program Files\ASUS\APRP\APRP.EXE [2018032 2011-05-20] (ASUSTek Computer Inc.)
HKLM\...\Run: [ASUSWebStorage] => C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM\...\Run: [AVG_TRAY] => C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2510784 2015-05-30] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [935288 2009-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM\...\Run: [MSStp] => C:\windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM\...\Run: [mncxjqaSrv] => C:\windows\system32\mncxjqa.vbe [7670 2014-03-05] ()
HKU\S-1-5-21-677497054-411520018-2827315060-1000\...\Run: [Google Update] => C:\Users\Barbora\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2015-01-29] (Google Inc.)
HKU\S-1-5-21-677497054-411520018-2827315060-1000\...\Run: [5A854F2B252D44A96F38625D799CA6CE8DE6831A._service_run] => "C:\Users\Barbora\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
HKU\S-1-5-21-677497054-411520018-2827315060-1000\...\Winlogon: [Shell] C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe [115888 2009-12-10] (Oceanis) <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2011-05-20]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files\Asus\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-09-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {CC5FC992-B0AA-47CD-9DC2-83445083CBB8} => C:\Program Files\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt.dll [2010-09-02] ()
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {618A47A2-528B-4D9A-AFC8-97D3233511E2} => C:\Program Files\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt.dll [2010-09-02] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-677497054-411520018-2827315060-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
HKU\S-1-5-21-677497054-411520018-2827315060-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKU\S-1-5-21-677497054-411520018-2827315060-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-677497054-411520018-2827315060-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={35F0 ... 2012-07-10 11:21:56&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-677497054-411520018-2827315060-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-677497054-411520018-2827315060-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/web/{searchTe ... dae92fe02a
SearchScopes: HKU\S-1-5-21-677497054-411520018-2827315060-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-677497054-411520018-2827315060-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={35F0 ... 2012-07-10 11:21:56&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-677497054-411520018-2827315060-1000 -> {BA325B87-3925-4286-86D6-F51DD445B06D} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
BHO: Complitly -> {0FB6A909-6086-458F-BD92-1F8EE10042A0} -> C:\Users\Barbora\AppData\Roaming\Complitly\Complitly.dll [2012-11-30] (SimplyGen)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-10-15] (AVG Technologies CZ, s.r.o.)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll [2012-10-15] (AVG Technologies CZ, s.r.o.)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll [2015-05-30] (AVG Secure Search)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO: Windows 7 Starter Helper -> {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} -> C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll [2009-12-09] (Oceanis)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll [2015-05-30] (AVG Secure Search)
Toolbar: HKU\S-1-5-21-677497054-411520018-2827315060-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll [2012-03-27] (AVG Technologies CZ, s.r.o.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.5.0\ViProtocol.dll [2015-05-30] (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D7730874-3274-4E0A-AE2C-7CB0E3642F7E}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.5.0\\npsitesafety.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-11] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG2012\Firefox4 [2012-06-05]
FF HKLM\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack
FF Extension: AVG Do Not Track - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack [2012-06-05]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files\Complitly\chrome\ComplitlyChrome.crx [2013-03-09]
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [2012-07-26]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Program Files\AVG\AVG2012\Chrome\donottrack.crx [2012-04-20]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AsusService; C:\windows\system32\AsusService.exe [224680 2011-03-04] ()
R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2011-04-27] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [208944 2011-04-27] (Microsoft Corporation)
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-01-12] ()
R2 vToolbarUpdater18.5.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe [1812416 2015-05-30] (AVG Secure Search)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amd_sata; C:\windows\System32\drivers\amd_sata.sys [64128 2010-11-04] (Advanced Micro Devices)
R0 amd_xata; C:\windows\System32\drivers\amd_xata.sys [32384 2010-11-04] (Advanced Micro Devices)
R1 AsIO; C:\windows\System32\drivers\AsIO.sys [11456 2010-06-28] ()
R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2010-08-03] ()
R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [302368 2014-11-04] (AVG Technologies CZ, s.r.o.)
S3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [293928 2010-05-21] (Broadcom Corporation.)
R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [102912 2010-07-21] (ELAN Microelectronic Corp.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R1 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [165648 2011-04-18] (Microsoft Corporation)
S3 MpNWMon; C:\windows\System32\DRIVERS\MpNWMon.sys [43392 2011-04-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 12:29 - 2015-07-12 12:30 - 00016082 _____ C:\Users\Barbora\Desktop\FRST.txt
2015-07-12 12:17 - 2015-07-12 12:29 - 00000000 ____D C:\FRST
2015-07-12 12:15 - 2015-07-12 12:15 - 01634816 _____ (Farbar) C:\Users\Barbora\Desktop\FRST.exe
2015-07-12 09:59 - 2015-07-12 09:59 - 00000000 __SHD C:\Users\Barbora\AppData\Local\EmieBrowserModeList
2015-07-12 00:25 - 2015-01-09 01:44 - 00419936 _____ C:\windows\system32\locale.nls
2015-07-12 00:13 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 12:30 - 2012-03-15 21:38 - 01205425 _____ C:\windows\WindowsUpdate.log
2015-07-12 12:28 - 2009-07-14 04:37 - 00000000 ____D C:\windows\Microsoft.NET
2015-07-12 12:17 - 2015-04-19 12:13 - 00000970 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-677497054-411520018-2827315060-1000UA.job
2015-07-12 12:15 - 2015-04-19 12:10 - 00000918 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-677497054-411520018-2827315060-1000Core.job
2015-07-12 12:14 - 2015-04-19 12:12 - 00000940 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-12 10:05 - 2009-07-14 06:34 - 00009696 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-12 10:05 - 2009-07-14 06:34 - 00009696 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-12 09:56 - 2014-03-18 17:32 - 00000000 _____ C:\Users\Barbora\rgut
2015-07-12 09:53 - 2015-04-19 12:10 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-12 09:53 - 2013-06-03 17:05 - 00000350 _____ C:\windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-07-12 00:44 - 2015-01-28 14:29 - 00001068 _____ C:\windows\setupact.log
2015-07-12 00:44 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-12 00:44 - 2009-07-14 06:33 - 00512864 _____ C:\windows\system32\FNTCACHE.DAT
2015-07-12 00:40 - 2009-07-14 04:37 - 00000000 ____D C:\windows\tracing
2015-07-11 23:51 - 2011-09-24 10:50 - 00000000 ____D C:\Users\Barbora\AppData\Local\Google
2015-07-11 23:48 - 2009-07-27 12:11 - 01621914 _____ C:\windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories =======

2013-10-25 14:22 - 2013-10-25 14:22 - 50053120 _____ () C:\Program Files\GUT81E9.tmp
2015-05-30 22:22 - 2015-05-30 22:22 - 6420480 _____ () C:\Program Files\GUTBDD0.tmp
2012-02-19 00:10 - 2013-02-01 18:50 - 0025338 _____ () C:\Users\Barbora\AppData\Roaming\UserTile.png
2011-11-03 18:14 - 2011-11-03 18:14 - 0007605 _____ () C:\Users\Barbora\AppData\Local\Resmon.ResmonCfg
2011-05-20 03:56 - 2010-03-03 00:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe

Some files in TEMP:
====================
C:\Users\Barbora\AppData\Local\Temp\GUR2B21.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-25 17:19

==================== End of log ============================

#2 Příspěvek od **Rudy** » 12 črc 2015 11:52

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

baluskaaaaa · #3 Příspěvek od **baluskaaaaa** » 12 črc 2015 12:29

# AdwCleaner v4.208 - Log vytvořen 12/07/2015 v 13:20:37
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-11.1 [Server]
# Operační system : Windows 7 Starter Service Pack 1 (x86)
# Uživatelské jméno : Barbora - BARBORA-PC
# Spuštěno z : C:\Users\Barbora\Desktop\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : AVG Security Toolbar Service
[#] Služba Smazáno : vToolbarUpdater18.5.0

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\AVG Secure Search
Složka Smazáno : C:\ProgramData\AVG Security Toolbar
Složka Smazáno : C:\ProgramData\Babylon
Složka Smazáno : C:\Program Files\AVG Secure Search
Složka Smazáno : C:\Program Files\Complitly
Složka Smazáno : C:\Program Files\Common Files\AVG Secure Search
Složka Smazáno : C:\Users\Barbora\AppData\Local\AVG Secure Search
Složka Smazáno : C:\Users\Barbora\AppData\Local\Babylon
Složka Smazáno : C:\Users\Barbora\AppData\LocalLow\AVG Secure Search
Složka Smazáno : C:\Users\Barbora\AppData\Roaming\Babylon
Složka Smazáno : C:\Users\Barbora\AppData\Roaming\Complitly
Složka Smazáno : C:\Users\Guest\AppData\Local\AVG Secure Search
Složka Smazáno : C:\Users\Guest\AppData\LocalLow\AVG Secure Search

***** [ Naplánované úlohy ] *****

Úloha Smazáno : AVG-Secure-Search-Update_JUNE2013_TB_rmv

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Klíč Smazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Klíč Smazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Klíč Smazáno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíč Smazáno : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Klíč Smazáno : HKLM\SOFTWARE\Classes\S
Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Klíč Smazáno : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Klíč Smazáno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Smazáno : HKCU\Software\AVG Secure Search
Klíč Smazáno : HKCU\Software\Complitly
Klíč Smazáno : HKCU\Software\Softonic
Klíč Smazáno : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Klíč Smazáno : HKLM\SOFTWARE\AVG Secure Search
Klíč Smazáno : HKLM\SOFTWARE\AVG Security Toolbar
Klíč Smazáno : HKLM\SOFTWARE\Babylon
Klíč Smazáno : HKLM\SOFTWARE\SimplyGen
Klíč Smazáno : HKU\.DEFAULT\Software\AVG Secure Search
Klíč Smazáno : HKU\.DEFAULT\Software\IGearSettings
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17728

*************************

AdwCleaner[R0].txt - [8785 bytů] - [12/07/2015 13:13:38]
AdwCleaner[S0].txt - [8560 bytů] - [12/07/2015 13:20:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8618 bytů] ##########

#4 Příspěvek od **Rudy** » 12 črc 2015 15:46

Dejte nový log FRST.

baluskaaaaa · #5 Příspěvek od **baluskaaaaa** » 12 črc 2015 17:56

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-07-2015
Ran by Barbora (administrator) on BARBORA-PC on 12-07-2015 18:52:18
Running from C:\Users\Barbora\Desktop
Loaded Profiles: Barbora (Available Profiles: Barbora & Guest)
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Windows\System32\AsusService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\ExpressGateUtil\VAWinService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\ExpressGateUtil\VAWinAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe
(ASUSTeK Computer Inc.) C:\Program Files\Asus\HotkeyService\HotkeyService.exe
(ASUSTeK Computer Inc.) C:\Program Files\Asus\SHE\SuperHybridEngine.exe
(AsusTek Computer Inc.) C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
(ASUSTeK Computer Inc.) C:\Program Files\Asus\HotkeyService\HotKeyMon.exe
(ASUS) C:\Program Files\Asus\CapsHook\CapsHook.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(ASUS) C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-11-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [548744 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe [101288 2011-03-04] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\ASUS\HotkeyService\HotkeyService.exe [1252272 2011-03-04] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\ASUS\SHE\SuperHybridEngine.exe [413112 2011-01-27] (ASUSTeK Computer Inc.)
HKLM\...\Run: [LiveUpdate] => C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [1095080 2011-07-13] (AsusTek Computer Inc.)
HKLM\...\Run: [CapsHook] => C:\Program Files\ASUS\CapsHook\CapsHook.exe [445344 2010-11-15] (ASUS)
HKLM\...\Run: [Eee Docking] => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [419504 2011-04-14] (ASUSTek Computer Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-23] (Realtek Semiconductor)
HKLM\...\Run: [VAWinAgent] => C:\ExpressGateUtil\VAWinAgent.exe [191304 2011-01-13] ()
HKLM\...\Run: [ASUSPRP] => C:\Program Files\ASUS\APRP\APRP.EXE [2018032 2011-05-20] (ASUSTek Computer Inc.)
HKLM\...\Run: [ASUSWebStorage] => C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM\...\Run: [AVG_TRAY] => C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [935288 2009-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM\...\Run: [MSStp] => C:\windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM\...\Run: [mncxjqaSrv] => C:\windows\system32\mncxjqa.vbe [7670 2014-03-05] ()
HKU\S-1-5-21-677497054-411520018-2827315060-1000\...\Run: [5A854F2B252D44A96F38625D799CA6CE8DE6831A._service_run] => "C:\Users\Barbora\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
HKU\S-1-5-21-677497054-411520018-2827315060-1000\...\Winlogon: [Shell] C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe [115888 2009-12-10] (Oceanis) <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2011-05-20]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files\Asus\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-09-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {CC5FC992-B0AA-47CD-9DC2-83445083CBB8} => C:\Program Files\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt.dll [2010-09-02] ()
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {618A47A2-528B-4D9A-AFC8-97D3233511E2} => C:\Program Files\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt.dll [2010-09-02] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-677497054-411520018-2827315060-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
HKU\S-1-5-21-677497054-411520018-2827315060-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKU\S-1-5-21-677497054-411520018-2827315060-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-677497054-411520018-2827315060-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-677497054-411520018-2827315060-1000 -> {BA325B87-3925-4286-86D6-F51DD445B06D} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-10-15] (AVG Technologies CZ, s.r.o.)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO: Windows 7 Starter Helper -> {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} -> C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll [2009-12-09] (Oceanis)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll [2012-03-27] (AVG Technologies CZ, s.r.o.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D7730874-3274-4E0A-AE2C-7CB0E3642F7E}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-11] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG2012\Firefox4 [2012-06-05]
FF HKLM\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack
FF Extension: AVG Do Not Track - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack [2012-06-05]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files\Complitly\chrome\ComplitlyChrome.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [2012-07-26]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Program Files\AVG\AVG2012\Chrome\donottrack.crx [2012-04-20]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AsusService; C:\windows\system32\AsusService.exe [224680 2011-03-04] ()
R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2011-04-27] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [208944 2011-04-27] (Microsoft Corporation)
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-01-12] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amd_sata; C:\windows\System32\drivers\amd_sata.sys [64128 2010-11-04] (Advanced Micro Devices)
R0 amd_xata; C:\windows\System32\drivers\amd_xata.sys [32384 2010-11-04] (Advanced Micro Devices)
R1 AsIO; C:\windows\System32\drivers\AsIO.sys [11456 2010-06-28] ()
R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2010-08-03] ()
R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [302368 2014-11-04] (AVG Technologies CZ, s.r.o.)
S3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [293928 2010-05-21] (Broadcom Corporation.)
R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [102912 2010-07-21] (ELAN Microelectronic Corp.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R1 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [165648 2011-04-18] (Microsoft Corporation)
R3 MpNWMon; C:\windows\System32\DRIVERS\MpNWMon.sys [43392 2011-04-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 13:13 - 2015-07-12 13:21 - 00000000 ____D C:\AdwCleaner
2015-07-12 13:12 - 2015-07-12 13:12 - 02248704 _____ C:\Users\Barbora\Desktop\adwcleaner_4.208.exe
2015-07-12 12:32 - 2015-07-12 12:35 - 00046999 _____ C:\Users\Barbora\Desktop\Addition.txt
2015-07-12 12:29 - 2015-07-12 18:52 - 00012576 _____ C:\Users\Barbora\Desktop\FRST.txt
2015-07-12 12:17 - 2015-07-12 18:52 - 00000000 ____D C:\FRST
2015-07-12 12:15 - 2015-07-12 12:15 - 01634816 _____ (Farbar) C:\Users\Barbora\Desktop\FRST.exe
2015-07-12 09:59 - 2015-07-12 09:59 - 00000000 __SHD C:\Users\Barbora\AppData\Local\EmieBrowserModeList
2015-07-12 00:25 - 2015-01-09 01:44 - 00419936 _____ C:\windows\system32\locale.nls
2015-07-12 00:13 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 18:51 - 2015-04-19 12:12 - 00000940 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-12 13:39 - 2012-03-15 21:38 - 01227038 _____ C:\windows\WindowsUpdate.log
2015-07-12 13:32 - 2009-07-14 06:34 - 00009696 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-12 13:32 - 2009-07-14 06:34 - 00009696 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-12 13:27 - 2014-03-18 17:32 - 00000330 _____ C:\Users\Barbora\rgut
2015-07-12 13:26 - 2015-04-19 12:10 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-12 13:23 - 2015-01-28 14:29 - 00001124 _____ C:\windows\setupact.log
2015-07-12 13:23 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-12 12:45 - 2009-07-14 04:37 - 00000000 ____D C:\windows\Microsoft.NET
2015-07-12 12:35 - 2011-09-24 10:50 - 00000000 ____D C:\Users\Barbora\AppData\Local\Google
2015-07-12 00:44 - 2009-07-14 06:33 - 00512864 _____ C:\windows\system32\FNTCACHE.DAT
2015-07-12 00:40 - 2009-07-14 04:37 - 00000000 ____D C:\windows\tracing
2015-07-11 23:48 - 2009-07-27 12:11 - 01621914 _____ C:\windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories =======

2013-10-25 14:22 - 2013-10-25 14:22 - 50053120 _____ () C:\Program Files\GUT81E9.tmp
2015-05-30 22:22 - 2015-05-30 22:22 - 6420480 _____ () C:\Program Files\GUTBDD0.tmp
2012-02-19 00:10 - 2013-02-01 18:50 - 0025338 _____ () C:\Users\Barbora\AppData\Roaming\UserTile.png
2011-11-03 18:14 - 2011-11-03 18:14 - 0007605 _____ () C:\Users\Barbora\AppData\Local\Resmon.ResmonCfg
2011-05-20 03:56 - 2010-03-03 00:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe

Some files in TEMP:
====================
C:\Users\Barbora\AppData\Local\Temp\GUR2B21.exe
C:\Users\Barbora\AppData\Local\Temp\Quarantine.exe
C:\Users\Barbora\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-12 13:09

==================== End of log ============================

#6 Příspěvek od **Rudy** » 12 črc 2015 18:41

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\...\Run: [MSStp] => C:\windows\inf\msstp.vbe [1584 2014-03-05] ()
C:\windows\inf\msstp.vbe
HKLM\...\Run: [mncxjqaSrv] => C:\windows\system32\mncxjqa.vbe [7670 2014-03-05] ()
C:\windows\system32\mncxjqa.vbe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-677497054-411520018-2827315060-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [Not Found]
C:\Program Files\Skype\Toolbars
CHR HKLM\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files\Complitly\chrome\ComplitlyChrome.crx [Not Found]
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Program Files\GUT81E9.tmp
C:\Program Files\GUTBDD0.tmp
C:\Users\Barbora\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

baluskaaaaa · #7 Příspěvek od **baluskaaaaa** » 12 črc 2015 20:23

Fix result of Farbar Recovery Scan Tool (x86) Version: 12-07-2015
Ran by Barbora at 2015-07-12 21:16:18 Run:1
Running from C:\Users\Barbora\Desktop
Loaded Profiles: Barbora (Available Profiles: Barbora & Guest)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [MSStp] => C:\windows\inf\msstp.vbe [1584 2014-03-05] ()
C:\windows\inf\msstp.vbe
HKLM\...\Run: [mncxjqaSrv] => C:\windows\system32\mncxjqa.vbe [7670 2014-03-05] ()
C:\windows\system32\mncxjqa.vbe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-677497054-411520018-2827315060-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [Not Found]
C:\Program Files\Skype\Toolbars
CHR HKLM\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files\Complitly\chrome\ComplitlyChrome.crx [Not Found]
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Program Files\GUT81E9.tmp
C:\Program Files\GUTBDD0.tmp
C:\Users\Barbora\AppData\Local\Temp
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MSStp => value removed successfully.
C:\windows\inf\msstp.vbe => moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mncxjqaSrv => value removed successfully.
C:\windows\system32\mncxjqa.vbe => moved successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-677497054-411520018-2827315060-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully.
HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
"HKCR\PROTOCOLS\Handler\skype-ie-addon-data" => key removed successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => key not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully.
"C:\Program Files\Skype\Toolbars" => File/Folder not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda" => key removed successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Program Files\GUT81E9.tmp => moved successfully.
C:\Program Files\GUTBDD0.tmp => moved successfully.

"C:\Users\Barbora\AppData\Local\Temp" folder move:

Could not move "C:\Users\Barbora\AppData\Local\Temp" folder => Scheduled to move on reboot.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-12 21:19:33)<=

C:\Users\Barbora\AppData\Local\Temp => moved successfully

==== End of Fixlog 21:19:34 ====

#8 Příspěvek od **Rudy** » 12 črc 2015 20:29

Smazáno. Nastala nějaká změna?

baluskaaaaa · #9 Příspěvek od **baluskaaaaa** » 12 črc 2015 20:35

Vypadá to, že je to mnohem lepší. Děkuji moc za Váš čas a pomoc!

#10 Příspěvek od **Rudy** » 12 črc 2015 21:33

Rádo se stalo!

VIRY.CZ

Kontrola logu

Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu