http://red.installer.xyz

Zpráva

Leoš Jelínek · #1 Příspěvek od **Leoš Jelínek** » 23 srp 2015 11:19

Dobrý den, tato adresa sama otevírá IE a toto se objeví. Díky za pomoc.

Tato stránka se nedá zobrazit.

•Zkontrolujte, jestli je webová adresa hxxp://red.installer.xyz správná.
•Vyhledejte stránku vyhledávacím webem.
•Aktualizujte stránku za pár minut.

#2 Příspěvek od **Rudy** » 23 srp 2015 11:40

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Leoš Jelínek · #3 Příspěvek od **Leoš Jelínek** » 23 srp 2015 11:50

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-08-2015 03
Ran by Leoš (administrator) on LEOSOVO (23-08-2015 12:46:03)
Running from C:\Users\Leoš\Downloads
Loaded Profiles: Leoš (Available Profiles: Leoš)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PnkBstrB.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [3117344 2012-03-07] (ESET)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [803312 2015-03-03] (Highresolution Enterprises)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-2379045658-3380367555-357286776-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-2379045658-3380367555-357286776-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/?rlz=1W4CHBA_csCZ523
SearchScopes: HKU\S-1-5-21-2379045658-3380367555-357286776-1001 -> {E304CA45-387D-4FC7-9EBD-7C6CD4823CFA} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
BHO: WinToFlash Suggestor -> {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} -> C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.dll [2012-05-25] (Novicorp LLC)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16] (Adblock Plus)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 88.146.192.1 8.8.8.8
Tcpip\..\Interfaces\{F5258BC1-8C08-4C69-BF67-CBD15F7B0F72}: [DhcpNameServer] 88.146.192.1 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default
FF SelectedSearchEngine:
FF Homepage: hxxps://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-12-21] ( )
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2379045658-3380367555-357286776-1001: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\searchplugins\firmycz.xml [2015-07-02]
FF SearchPlugin: C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\searchplugins\zbocz.xml [2015-06-12]
FF Extension: Widevine Media Optimizer - C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2015-05-18]
FF Extension: Linkificator - C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\Extensions\linkificator@markapola.xpi [2015-02-11]
FF Extension: WinToFlash Suggestor - C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2012-05-25]
FF Extension: Adblock Plus - C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-08]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-12-25]
FF Extension: No Name - C:\Users\LeoĹˇ\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [not found]

Chrome:
=======
CHR Profile: C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-23]
CHR Extension: (Google Drive) - C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-23]
CHR Extension: (YouTube) - C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-23]
CHR Extension: (Google Search) - C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-23]
CHR Extension: (Adblock Plus) - C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbjekjjiikcognjnlmmfchekpihfihce [2015-02-23]
CHR Extension: (Google Wallet) - C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-23]
CHR Extension: (Gmail) - C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-23]
CHR HKLM\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.crx [2012-05-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-07-11] (SUPERAntiSpyware.com) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-01-29] (Advanced Micro Devices, Inc.) [File not signed]
S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [913144 2012-03-07] (ESET)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-02-05] (Teruten) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2013-08-20] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [103736 2013-08-20] ()
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [11296 2009-08-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-11-26] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [169080 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [120152 2012-03-14] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [148504 2012-03-14] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [33656 2012-03-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [50624 2012-03-14] (ESET)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 vsbus; C:\Windows\System32\DRIVERS\vsb.sys [15264 2008-07-24] () [File not signed]
S3 vserial; C:\Windows\System32\DRIVERS\vserial.sys [47744 2008-07-24] () [File not signed]
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 amdiox86; system32\DRIVERS\amdiox86.sys [X]
S3 cpuz135; \??\C:\Users\LEO~1\AppData\Local\Temp\cpuz135\cpuz135_x32.sys [X]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-23 12:46 - 2015-08-23 12:46 - 00012023 _____ C:\Users\Leoš\Downloads\FRST.txt
2015-08-23 12:44 - 2015-08-23 12:46 - 00000000 ____D C:\FRST
2015-08-23 12:44 - 2015-08-23 12:44 - 01677824 _____ (Farbar) C:\Users\Leoš\Downloads\FRST.exe
2015-08-23 12:26 - 2015-08-23 12:26 - 00000000 ____D C:\rsit
2015-08-23 12:26 - 2015-08-23 12:26 - 00000000 ____D C:\Program Files\trend micro
2015-08-23 12:24 - 2015-08-23 12:24 - 01107968 _____ C:\Users\Leoš\Downloads\RSIT(1).exe
2015-08-23 12:22 - 2015-08-23 12:22 - 01107968 _____ C:\Users\Leoš\Downloads\RSIT.exe
2015-08-23 12:20 - 2015-08-23 12:20 - 01107968 _____ C:\Users\Leoš\Desktop\RSIT.exe
2015-08-22 00:29 - 2015-08-22 00:38 - 1261930080 _____ C:\Users\Leoš\Downloads\Poslední skaut 1991 CZ.avi
2015-08-22 00:10 - 2015-08-22 00:27 - 2097008640 _____ C:\Users\Leoš\Downloads\Fury (2014) CZ.avi
2015-08-21 23:55 - 2015-08-22 00:15 - 1528677889 _____ C:\Users\Leoš\Downloads\m1.avi
2015-08-21 23:31 - 2015-08-21 23:55 - 1794668121 _____ C:\Users\Leoš\Downloads\482015.rar
2015-08-21 23:27 - 2015-08-21 23:53 - 1933096960 _____ C:\Users\Leoš\Downloads\cn2.avi
2015-08-20 00:04 - 2015-08-20 00:04 - 00000000 ____D C:\Users\Leoš\Downloads\Scorpions - MTV Unplugged (2013) mp3
2015-08-20 00:04 - 2015-08-20 00:04 - 00000000 ____D C:\Users\Leoš\Downloads\Scorpions - 2001 Acoustic
2015-08-19 23:35 - 2015-08-19 23:35 - 00617725 _____ C:\Users\Leoš\Downloads\man_on_the_silver_mountain_rainbow.mp3.exe
2015-08-19 22:24 - 2015-08-19 22:24 - 00000000 ____D C:\Users\Leoš\Downloads\100 Super Rock Hits
2015-08-19 00:52 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 00:52 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-15 23:19 - 2015-08-15 23:19 - 00000000 ___HD C:\$Windows.~WS
2015-08-15 14:50 - 2015-08-15 14:57 - 00000000 ____D C:\Users\Leoš\Desktop\Verča škola
2015-08-15 14:09 - 2015-08-15 14:29 - 2648440832 _____ C:\Users\Leoš\Downloads\Windows_7_Starter_32_Bit.iso
2015-08-15 13:23 - 2015-08-15 14:48 - 00000000 ____D C:\Program Files\WinToUSB
2015-08-15 13:04 - 2015-08-15 13:06 - 3984982016 _____ C:\Users\Leoš\Documents\mydiscimage.iso
2015-08-15 12:55 - 2015-08-15 12:57 - 3985014784 _____ C:\Users\Leoš\Documents\mydiscimage.bin
2015-08-15 12:55 - 2015-08-15 12:55 - 00000074 _____ C:\Users\Leoš\Documents\mydiscimage.cue
2015-08-14 12:26 - 2015-08-14 19:22 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-14 11:21 - 2015-08-14 11:21 - 00000000 ____D C:\Program Files\WinToFlash Suggestor
2015-08-14 11:09 - 2015-08-14 11:10 - 00000000 ____D C:\Users\Leoš\Downloads\Novicorp WinToFlash Lite [The Bootable USB Creator] 1.1.0000 Portable
2015-08-14 01:34 - 2015-08-15 02:58 - 00000434 _____ C:\Users\Leoš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinSetupFromUSB.lnk
2015-08-14 00:42 - 2015-08-14 00:42 - 00000000 ____D C:\Users\Leoš\Documents\Ashampoo Burning Studio FREE
2015-08-13 20:31 - 2015-08-13 20:31 - 00000000 ____D C:\Users\Leoš\Downloads\VAG-COM-IHR-304-cz
2015-08-12 11:29 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:09 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 11:09 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 11:09 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 11:09 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 11:09 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 11:09 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 11:09 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 11:09 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 02061312 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 11:09 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 11:09 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 11:09 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 11:09 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 11:09 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 11:09 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 11:08 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-08-12 11:08 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 11:08 - 2015-07-15 19:59 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 11:08 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 11:08 - 2015-07-15 19:59 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 11:08 - 2015-07-15 19:56 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 11:08 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 11:08 - 2015-07-15 19:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 11:08 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 11:08 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 11:08 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 11:08 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 11:08 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 11:08 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 11:08 - 2015-07-15 18:36 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 11:08 - 2015-07-15 18:36 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 11:08 - 2015-07-15 18:36 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 11:07 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 11:07 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 11:07 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 11:07 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 11:07 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 11:07 - 2015-07-30 19:57 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 11:07 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 11:07 - 2015-07-30 18:52 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 11:07 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 11:07 - 2015-07-16 21:39 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 11:07 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 11:07 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 11:07 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 11:07 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 11:07 - 2015-07-16 17:14 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 11:06 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 11:06 - 2015-07-16 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 11:06 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 11:06 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 11:06 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 11:06 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 11:06 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 11:06 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 11:06 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 11:06 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 11:06 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 11:06 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 11:06 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 11:06 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 11:06 - 2015-07-16 21:32 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 11:06 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 11:06 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 11:06 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 11:06 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 11:06 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 11:06 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 11:06 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 11:06 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 11:06 - 2015-07-16 21:06 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 11:06 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 11:06 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 11:06 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 11:06 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 11:06 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 11:06 - 2015-05-09 20:09 - 00715200 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 11:05 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 11:04 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 11:04 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 11:04 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 11:04 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-04 16:43 - 2015-08-04 16:43 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-28 01:40 - 2015-07-28 01:40 - 00000000 ____D C:\Users\Leoš\AppData\Local\CEF

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-23 12:31 - 2015-03-20 11:09 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-23 10:25 - 2009-07-14 06:34 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-23 10:25 - 2009-07-14 06:34 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-23 10:18 - 2012-07-25 20:30 - 01816190 _____ C:\Windows\WindowsUpdate.log
2015-08-23 10:14 - 2015-05-12 22:54 - 00013376 _____ C:\Windows\setupact.log
2015-08-23 10:14 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-22 01:28 - 2014-03-30 00:19 - 00000000 ____D C:\Program Files\FastShare
2015-08-20 00:45 - 2012-07-25 20:37 - 01583806 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-20 00:03 - 2012-07-30 09:29 - 00000000 ____D C:\Users\Leoš\AppData\Local\CrashDumps
2015-08-16 03:40 - 2015-07-10 15:47 - 00000000 ___HD C:\$Windows.~BT
2015-08-16 03:24 - 2012-07-25 21:22 - 00000000 ____D C:\Windows\Panther
2015-08-15 14:51 - 2012-07-25 20:31 - 00000000 ____D C:\Users\Leoš
2015-08-14 23:25 - 2012-10-04 14:28 - 00000000 ____D C:\Users\Leoš\AppData\Local\Deployment
2015-08-14 23:02 - 2013-11-09 02:31 - 00000000 ____D C:\Users\Leoš\AppData\Roaming\vlc
2015-08-14 19:22 - 2015-06-04 22:35 - 00002902 _____ C:\Windows\PFRO.log
2015-08-14 19:22 - 2015-02-08 17:47 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-14 00:55 - 2012-07-28 07:17 - 00000000 ____D C:\Users\Leoš\AppData\Roaming\DAEMON Tools Lite
2015-08-12 17:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-08-12 17:13 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-12 16:41 - 2009-07-14 06:33 - 03736256 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 16:38 - 2014-12-10 20:07 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 16:38 - 2014-05-01 22:36 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 11:54 - 2012-07-25 22:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 11:53 - 2012-07-28 07:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 11:52 - 2012-07-28 07:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 11:47 - 2013-08-13 21:25 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 11:35 - 2012-07-25 21:07 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-11 21:31 - 2012-07-25 20:54 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-11 21:31 - 2012-07-25 20:54 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-02 16:59 - 2013-10-12 18:21 - 00000000 ____D C:\Users\Leoš\Desktop\focení
2015-08-02 16:39 - 2012-09-19 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-08-02 16:39 - 2012-09-19 15:50 - 00000000 ____D C:\Program Files\Ashampoo
2015-08-02 16:37 - 2012-09-19 15:50 - 00000000 ____D C:\Users\Leoš\AppData\Roaming\Ashampoo
2015-08-02 16:36 - 2012-09-19 15:50 - 00000000 ____D C:\ProgramData\ashampoo
2015-07-28 18:02 - 2014-04-11 23:17 - 00001120 _____ C:\Users\Leoš\AppData\Local\MRDownloader.nast
2015-07-25 10:40 - 2015-07-17 23:33 - 00000000 ___SD C:\Windows\system32\GWX

==================== Files in the root of some directories =======

2012-08-12 18:40 - 2013-08-20 19:46 - 0022328 _____ () C:\Users\Leoš\AppData\Roaming\PnkBstrK.sys
2014-04-11 23:17 - 2015-07-01 16:35 - 0004891 _____ () C:\Users\Leoš\AppData\Local\MRDownloader.err
2014-04-11 23:17 - 2015-07-28 18:02 - 0001120 _____ () C:\Users\Leoš\AppData\Local\MRDownloader.nast
2013-02-25 21:29 - 2013-02-28 14:22 - 0007637 _____ () C:\Users\Leoš\AppData\Local\Resmon.ResmonCfg
2012-08-21 16:37 - 2014-03-28 01:03 - 0032725 _____ () C:\Users\Leoš\AppData\Local\SRDownloader.err
2012-07-25 22:45 - 2014-03-28 01:03 - 0001104 _____ () C:\Users\Leoš\AppData\Local\SRDownloader.nast
2013-08-13 15:04 - 2013-08-13 15:04 - 0089921 _____ () C:\ProgramData\1376399078.bdinstall.bin

Some files in TEMP:
====================
C:\Users\Leoš\AppData\Local\Temp\DPInstx64.exe
C:\Users\Leoš\AppData\Local\Temp\DPInstx86.exe
C:\Users\Leoš\AppData\Local\Temp\DPInst_Monx64.exe
C:\Users\Leoš\AppData\Local\Temp\DPInst_Monx86.exe
C:\Users\Leoš\AppData\Local\Temp\OS_Detect.exe
C:\Users\Leoš\AppData\Local\Temp\vlc-2.2.1-win32.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-08-22 01:15

==================== End of log ============================

#4 Příspěvek od **Rudy** » 23 srp 2015 15:39

Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Leoš Jelínek · #5 Příspěvek od **Leoš Jelínek** » 23 srp 2015 15:53

# AdwCleaner v5.003 - Logfile created 23/08/2015 at 16:50:40
# Updated 20/08/2015 by Xplode
# Database : 2015-08-23.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Leoš - LEOSOVO
# Running from : C:\Users\Leoš\Desktop\adwcleaner_5.003.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\WinToFlash Suggestor
[-] Folder Deleted : C:\ProgramData\apn

***** [ Files ] *****

[-] File Deleted : C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
[-] Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer
[-] Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43769158-3B03-4932-8D8A-8F0F344BF024}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\AVG Secure Search
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\PIP
[-] Key Deleted : HKCU\Software\UpdateStar
[-] Key Deleted : HKCU\Software\UpToDown
[-] Key Deleted : HKCU\Software\VIS
[-] Key Deleted : HKCU\Software\AppDataLow\Software\WinToFlash Suggestor
[-] Key Deleted : HKLM\SOFTWARE\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKLM\SOFTWARE\Uniblue
[!] Key Not Deleted : HKLM\SOFTWARE\Uniblue\DriverScanner
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinToFlash Suggestor

***** [ Web browsers ] *****

*************************

:: Proxy settings cleared
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3627 bytes] ##########

#6 Příspěvek od **Rudy** » 23 srp 2015 15:54

Dejte nový log FRST.

Leoš Jelínek · #7 Příspěvek od **Leoš Jelínek** » 23 srp 2015 16:01

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-08-2015 03
Ran by Leoš (administrator) on LEOSOVO (23-08-2015 16:57:34)
Running from C:\Users\Leoš\Desktop
Loaded Profiles: Leoš (Available Profiles: Leoš)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PnkBstrB.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [3117344 2012-03-07] (ESET)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [803312 2015-03-03] (Highresolution Enterprises)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-2379045658-3380367555-357286776-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-2379045658-3380367555-357286776-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2379045658-3380367555-357286776-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/?rlz=1W4CHBA_csCZ523
SearchScopes: HKU\S-1-5-21-2379045658-3380367555-357286776-1001 -> {E304CA45-387D-4FC7-9EBD-7C6CD4823CFA} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16] (Adblock Plus)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 88.146.192.1 8.8.8.8
Tcpip\..\Interfaces\{F5258BC1-8C08-4C69-BF67-CBD15F7B0F72}: [DhcpNameServer] 88.146.192.1 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default
FF SelectedSearchEngine:
FF Homepage: hxxps://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-12-21] ( )
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2379045658-3380367555-357286776-1001: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\searchplugins\firmycz.xml [2015-07-02]
FF SearchPlugin: C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\searchplugins\zbocz.xml [2015-06-12]
FF Extension: Widevine Media Optimizer - C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2015-05-18]
FF Extension: Linkificator - C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\Extensions\linkificator@markapola.xpi [2015-02-11]
FF Extension: Adblock Plus - C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-08]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-12-25]
FF Extension: No Name - C:\Users\LeoĹˇ\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [not found]

Chrome:
=======
CHR Profile: C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-23]
CHR Extension: (Google Drive) - C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-23]
CHR Extension: (YouTube) - C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-23]
CHR Extension: (Google Search) - C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-23]
CHR Extension: (Adblock Plus) - C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbjekjjiikcognjnlmmfchekpihfihce [2015-02-23]
CHR Extension: (Google Wallet) - C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-23]
CHR Extension: (Gmail) - C:\Users\Leoš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-23]
CHR HKLM\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-07-11] (SUPERAntiSpyware.com) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-01-29] (Advanced Micro Devices, Inc.) [File not signed]
S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [913144 2012-03-07] (ESET)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-02-05] (Teruten) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2013-08-20] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [103736 2013-08-20] ()
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [11296 2009-08-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-11-26] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [169080 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [120152 2012-03-14] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [148504 2012-03-14] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [33656 2012-03-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [50624 2012-03-14] (ESET)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 vsbus; C:\Windows\System32\DRIVERS\vsb.sys [15264 2008-07-24] () [File not signed]
S3 vserial; C:\Windows\System32\DRIVERS\vserial.sys [47744 2008-07-24] () [File not signed]
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 amdiox86; system32\DRIVERS\amdiox86.sys [X]
S3 cpuz135; \??\C:\Users\LEO~1\AppData\Local\Temp\cpuz135\cpuz135_x32.sys [X]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-23 16:57 - 2015-08-23 16:58 - 00011867 _____ C:\Users\Leoš\Desktop\FRST.txt
2015-08-23 16:46 - 2015-08-23 16:50 - 00000000 ____D C:\AdwCleaner
2015-08-23 16:45 - 2015-08-23 16:45 - 01605632 _____ C:\Users\Leoš\Desktop\adwcleaner_5.003.exe
2015-08-23 12:47 - 2015-08-23 12:48 - 00026079 _____ C:\Users\Leoš\Downloads\Addition.txt
2015-08-23 12:46 - 2015-08-23 12:48 - 00033090 _____ C:\Users\Leoš\Downloads\FRST.txt
2015-08-23 12:44 - 2015-08-23 16:57 - 00000000 ____D C:\FRST
2015-08-23 12:44 - 2015-08-23 12:44 - 01677824 _____ (Farbar) C:\Users\Leoš\Desktop\FRST.exe
2015-08-23 12:26 - 2015-08-23 12:26 - 00000000 ____D C:\rsit
2015-08-23 12:26 - 2015-08-23 12:26 - 00000000 ____D C:\Program Files\trend micro
2015-08-23 12:24 - 2015-08-23 12:24 - 01107968 _____ C:\Users\Leoš\Downloads\RSIT(1).exe
2015-08-23 12:22 - 2015-08-23 12:22 - 01107968 _____ C:\Users\Leoš\Downloads\RSIT.exe
2015-08-23 12:20 - 2015-08-23 12:20 - 01107968 _____ C:\Users\Leoš\Desktop\RSIT.exe
2015-08-22 00:29 - 2015-08-22 00:38 - 1261930080 _____ C:\Users\Leoš\Downloads\Poslední skaut 1991 CZ.avi
2015-08-22 00:10 - 2015-08-22 00:27 - 2097008640 _____ C:\Users\Leoš\Downloads\Fury (2014) CZ.avi
2015-08-21 23:55 - 2015-08-22 00:15 - 1528677889 _____ C:\Users\Leoš\Downloads\m1.avi
2015-08-21 23:31 - 2015-08-21 23:55 - 1794668121 _____ C:\Users\Leoš\Downloads\482015.rar
2015-08-21 23:27 - 2015-08-21 23:53 - 1933096960 _____ C:\Users\Leoš\Downloads\cn2.avi
2015-08-20 00:04 - 2015-08-20 00:04 - 00000000 ____D C:\Users\Leoš\Downloads\Scorpions - MTV Unplugged (2013) mp3
2015-08-20 00:04 - 2015-08-20 00:04 - 00000000 ____D C:\Users\Leoš\Downloads\Scorpions - 2001 Acoustic
2015-08-19 23:35 - 2015-08-19 23:35 - 00617725 _____ C:\Users\Leoš\Downloads\man_on_the_silver_mountain_rainbow.mp3.exe
2015-08-19 22:24 - 2015-08-19 22:24 - 00000000 ____D C:\Users\Leoš\Downloads\100 Super Rock Hits
2015-08-19 00:52 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 00:52 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-15 23:19 - 2015-08-15 23:19 - 00000000 ___HD C:\$Windows.~WS
2015-08-15 14:50 - 2015-08-15 14:57 - 00000000 ____D C:\Users\Leoš\Desktop\Verča škola
2015-08-15 14:09 - 2015-08-15 14:29 - 2648440832 _____ C:\Users\Leoš\Downloads\Windows_7_Starter_32_Bit.iso
2015-08-15 13:23 - 2015-08-15 14:48 - 00000000 ____D C:\Program Files\WinToUSB
2015-08-15 13:04 - 2015-08-15 13:06 - 3984982016 _____ C:\Users\Leoš\Documents\mydiscimage.iso
2015-08-15 12:55 - 2015-08-15 12:57 - 3985014784 _____ C:\Users\Leoš\Documents\mydiscimage.bin
2015-08-15 12:55 - 2015-08-15 12:55 - 00000074 _____ C:\Users\Leoš\Documents\mydiscimage.cue
2015-08-14 12:26 - 2015-08-14 19:22 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-14 11:09 - 2015-08-14 11:10 - 00000000 ____D C:\Users\Leoš\Downloads\Novicorp WinToFlash Lite [The Bootable USB Creator] 1.1.0000 Portable
2015-08-14 01:34 - 2015-08-15 02:58 - 00000434 _____ C:\Users\Leoš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinSetupFromUSB.lnk
2015-08-14 00:42 - 2015-08-14 00:42 - 00000000 ____D C:\Users\Leoš\Documents\Ashampoo Burning Studio FREE
2015-08-13 20:31 - 2015-08-13 20:31 - 00000000 ____D C:\Users\Leoš\Downloads\VAG-COM-IHR-304-cz
2015-08-12 11:29 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:09 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 11:09 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 11:09 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 11:09 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 11:09 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 11:09 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 11:09 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 11:09 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 02061312 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 11:09 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 11:09 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 11:09 - 2015-07-20 19:56 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 11:09 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 11:09 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 11:09 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 11:09 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 11:08 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-08-12 11:08 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 11:08 - 2015-07-15 19:59 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 11:08 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 11:08 - 2015-07-15 19:59 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 11:08 - 2015-07-15 19:56 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 11:08 - 2015-07-15 19:55 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 11:08 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 11:08 - 2015-07-15 19:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 11:08 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 11:08 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 11:08 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 11:08 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 11:08 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 11:08 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 11:08 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 11:08 - 2015-07-15 18:36 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 11:08 - 2015-07-15 18:36 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 11:08 - 2015-07-15 18:36 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 11:07 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 11:07 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 11:07 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 11:07 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 11:07 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 11:07 - 2015-07-30 19:57 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 11:07 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 11:07 - 2015-07-30 18:52 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 11:07 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 11:07 - 2015-07-16 21:39 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 11:07 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 11:07 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 11:07 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 11:07 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 11:07 - 2015-07-16 17:14 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 11:06 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 11:06 - 2015-07-16 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 11:06 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 11:06 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 11:06 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 11:06 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 11:06 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 11:06 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 11:06 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 11:06 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 11:06 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 11:06 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 11:06 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 11:06 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 11:06 - 2015-07-16 21:32 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 11:06 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 11:06 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 11:06 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 11:06 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 11:06 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 11:06 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 11:06 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 11:06 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 11:06 - 2015-07-16 21:06 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 11:06 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 11:06 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 11:06 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 11:06 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 11:06 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 11:06 - 2015-05-09 20:09 - 00715200 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 11:05 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 11:04 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 11:04 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 11:04 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 11:04 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-04 16:43 - 2015-08-04 16:43 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-28 01:40 - 2015-07-28 01:40 - 00000000 ____D C:\Users\Leoš\AppData\Local\CEF

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-23 16:57 - 2009-07-14 06:34 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-23 16:57 - 2009-07-14 06:34 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-23 16:54 - 2012-07-25 20:30 - 01830259 _____ C:\Windows\WindowsUpdate.log
2015-08-23 16:51 - 2015-05-12 22:54 - 00013432 _____ C:\Windows\setupact.log
2015-08-23 16:51 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-23 16:31 - 2015-03-20 11:09 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-23 15:10 - 2013-11-09 02:31 - 00000000 ____D C:\Users\Leoš\AppData\Roaming\vlc
2015-08-23 15:08 - 2014-03-30 00:19 - 00000000 ____D C:\Program Files\FastShare
2015-08-20 00:45 - 2012-07-25 20:37 - 01583806 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-20 00:03 - 2012-07-30 09:29 - 00000000 ____D C:\Users\Leoš\AppData\Local\CrashDumps
2015-08-16 03:40 - 2015-07-10 15:47 - 00000000 ___HD C:\$Windows.~BT
2015-08-16 03:24 - 2012-07-25 21:22 - 00000000 ____D C:\Windows\Panther
2015-08-15 14:51 - 2012-07-25 20:31 - 00000000 ____D C:\Users\Leoš
2015-08-14 23:25 - 2012-10-04 14:28 - 00000000 ____D C:\Users\Leoš\AppData\Local\Deployment
2015-08-14 19:22 - 2015-06-04 22:35 - 00002902 _____ C:\Windows\PFRO.log
2015-08-14 19:22 - 2015-02-08 17:47 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-14 00:55 - 2012-07-28 07:17 - 00000000 ____D C:\Users\Leoš\AppData\Roaming\DAEMON Tools Lite
2015-08-12 17:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-08-12 17:13 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-12 16:41 - 2009-07-14 06:33 - 03736256 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 16:38 - 2014-12-10 20:07 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 16:38 - 2014-05-01 22:36 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 11:54 - 2012-07-25 22:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 11:53 - 2012-07-28 07:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 11:52 - 2012-07-28 07:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 11:47 - 2013-08-13 21:25 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 11:35 - 2012-07-25 21:07 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-11 21:31 - 2012-07-25 20:54 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-11 21:31 - 2012-07-25 20:54 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-02 16:59 - 2013-10-12 18:21 - 00000000 ____D C:\Users\Leoš\Desktop\focení
2015-08-02 16:39 - 2012-09-19 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-08-02 16:39 - 2012-09-19 15:50 - 00000000 ____D C:\Program Files\Ashampoo
2015-08-02 16:37 - 2012-09-19 15:50 - 00000000 ____D C:\Users\Leoš\AppData\Roaming\Ashampoo
2015-08-02 16:36 - 2012-09-19 15:50 - 00000000 ____D C:\ProgramData\ashampoo
2015-07-28 18:02 - 2014-04-11 23:17 - 00001120 _____ C:\Users\Leoš\AppData\Local\MRDownloader.nast
2015-07-25 10:40 - 2015-07-17 23:33 - 00000000 ___SD C:\Windows\system32\GWX

==================== Files in the root of some directories =======

2012-08-12 18:40 - 2013-08-20 19:46 - 0022328 _____ () C:\Users\Leoš\AppData\Roaming\PnkBstrK.sys
2014-04-11 23:17 - 2015-07-01 16:35 - 0004891 _____ () C:\Users\Leoš\AppData\Local\MRDownloader.err
2014-04-11 23:17 - 2015-07-28 18:02 - 0001120 _____ () C:\Users\Leoš\AppData\Local\MRDownloader.nast
2013-02-25 21:29 - 2013-02-28 14:22 - 0007637 _____ () C:\Users\Leoš\AppData\Local\Resmon.ResmonCfg
2012-08-21 16:37 - 2014-03-28 01:03 - 0032725 _____ () C:\Users\Leoš\AppData\Local\SRDownloader.err
2012-07-25 22:45 - 2014-03-28 01:03 - 0001104 _____ () C:\Users\Leoš\AppData\Local\SRDownloader.nast
2013-08-13 15:04 - 2013-08-13 15:04 - 0089921 _____ () C:\ProgramData\1376399078.bdinstall.bin

Some files in TEMP:
====================
C:\Users\Leoš\AppData\Local\Temp\DPInstx64.exe
C:\Users\Leoš\AppData\Local\Temp\DPInstx86.exe
C:\Users\Leoš\AppData\Local\Temp\DPInst_Monx64.exe
C:\Users\Leoš\AppData\Local\Temp\DPInst_Monx86.exe
C:\Users\Leoš\AppData\Local\Temp\OS_Detect.exe
C:\Users\Leoš\AppData\Local\Temp\sqlite3.dll
C:\Users\Leoš\AppData\Local\Temp\vlc-2.2.1-win32.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-08-22 01:15

==================== End of log ============================

#8 Příspěvek od **Rudy** » 23 srp 2015 16:14

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Extension: No Name - C:\Users\LeoĹˇ\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [not found]
CHR HKLM\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.crx <not found>
C:\Users\Leoš\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Leoš Jelínek · #9 Příspěvek od **Leoš Jelínek** » 23 srp 2015 16:34

Fix result of Farbar Recovery Scan Tool (x86) Version:21-08-2015 03
Ran by Leoš (2015-08-23 17:30:27) Run:1
Running from C:\Users\Leoš\Desktop
Loaded Profiles: Leoš (Available Profiles: Leoš)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Extension: No Name - C:\Users\LeoĹˇ\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [not found]
CHR HKLM\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.crx <not found>
C:\Users\Leoš\AppData\Local\Temp
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully.
C:\Users\LeoĹˇ\AppData\Roaming\Mozilla\Firefox\Profiles\l58ikph3.default\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} => path removed successfully."HKLM\SOFTWARE\Google\Chrome\Extensions\acaoakiamfeidcmgooclgeleejkbaecf" => key removed successfully.

"C:\Users\Leoš\AppData\Local\Temp" folder move:

Could not move "C:\Users\Leoš\AppData\Local\Temp" => Scheduled to move on reboot.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-08-23 17:32:12)<=

C:\Users\Leoš\AppData\Local\Temp => moved successfully

==== End of Fixlog 17:32:13 ====

#10 Příspěvek od **Rudy** » 23 srp 2015 18:12

Smazáno. Nastala nějaká změna?

Leoš Jelínek · #11 Příspěvek od **Leoš Jelínek** » 23 srp 2015 18:48

Zatím to vypadá dobře. Snad jste to vyřešil. Díky

#12 Příspěvek od **Rudy** » 23 srp 2015 19:13

Rádo se stalo!

Leoš Jelínek · #13 Příspěvek od **Leoš Jelínek** » 23 srp 2015 19:19

Tak se bohužel objevila stránka znovu.

#14 Příspěvek od **Rudy** » 23 srp 2015 21:01

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Leoš Jelínek · #15 Příspěvek od **Leoš Jelínek** » 23 srp 2015 21:54

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 23.8.2015
Čas skenování: 22:27
Protokol: Malwarebytes log.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.23.05
Databáze rootkitů: v2015.08.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Leoš

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 312658
Uplynulý čas: 20 min, 56 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 11
PUP.Optional.ThinkTanks.A, HKLM\SOFTWARE\CLASSES\CLSID\{FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD}, , [3011c24a17749f973a29d0bc1ce941bf],
PUP.Optional.ThinkTanks.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}, , [3011c24a17749f973a29d0bc1ce941bf],
PUP.Optional.ThinkTanks.A, HKU\S-1-5-21-2379045658-3380367555-357286776-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}, , [3011c24a17749f973a29d0bc1ce941bf],
PUP.Optional.ThinkTanks.A, HKU\S-1-5-21-2379045658-3380367555-357286776-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}, , [3011c24a17749f973a29d0bc1ce941bf],
PUP.Optional.ThinkTanks.A, HKLM\SOFTWARE\CLASSES\CLSID\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}\INPROCSERVER32, , [3011c24a17749f973a29d0bc1ce941bf],
PUP.Optional.ThinkTanks.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C}, , [98a9fb11f59668ce94cfa9e3778ebc44],
PUP.Optional.ThinkTanks.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{78CE34FD-F6D4-4866-B79C-A37268D06A04}, , [98a9fb11f59668ce94cfa9e3778ebc44],
PUP.Optional.ThinkTanks.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{80904944-C726-4C7D-A452-3FFF2A882095}, , [98a9fb11f59668ce94cfa9e3778ebc44],
PUP.Optional.WinToFlashSuggestor.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WinToFlash Suggestor, , [f0513dcfc7c4a69087b6f758d0313bc5],
PUP.Optional.WinToFlashSuggestor.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\acaoakiamfeidcmgooclgeleejkbaecf, , [f8499d6f4a412610700243eca55ed52b],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2379045658-3380367555-357286776-1001\SOFTWARE\CONDUIT\DistributionEngine, , [c9789d6fd5b662d44f105f4ce61ed828],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.WinToFlashSuggestor.A, C:\Program Files\WinToFlash Suggestor, , [75ccd53798f34cead742b15746bdde22],

Soubory: 5
PUP.Optional.ThinkTanks.A, C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.dll, , [3011c24a17749f973a29d0bc1ce941bf],
PUP.Optional.ThinkTanks.A, C:\Program Files\WinToFlash Suggestor\AddressBarInstance.dll, , [350cab6132594de93d264e3edc29857b],
PUP.Optional.ThinkTanks.A, C:\Program Files\WinToFlash Suggestor\RestartIE.exe, , [93ae5fad3853d165b3b0008cfb0ac43c],
PUP.Optional.ThinkTanks.A, C:\Program Files\WinToFlash Suggestor\SMBarBroker.exe, , [98a9fb11f59668ce94cfa9e3778ebc44],
PUP.Optional.WinToFlashSuggestor.A, C:\Program Files\WinToFlash Suggestor\Uninstall.exe, , [f0513dcfc7c4a69087b6f758d0313bc5],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

VIRY.CZ

http://red.installer.xyz

http://red.installer.xyz

Re: http://red.installer.xyz

Re: http://red.installer.xyz

Re: http://red.installer.xyz

Re: http://red.installer.xyz

Re: http://red.installer.xyz

Re: http://red.installer.xyz

Re: http://red.installer.xyz

Re: http://red.installer.xyz

Re: http://red.installer.xyz

Re: http://red.installer.xyz

Re: http://red.installer.xyz

Re: http://red.installer.xyz

Re: http://red.installer.xyz

Re: http://red.installer.xyz