Zdravím, poprosím vás o pomoc. Prehliadač (opera) mi otvára rôzne stránky stránky s reklamami, deje sa to keď kliknem na nejaký odkaz (na hocijakej stránke), pričom chcený odkaz mi otvorí na novej karte a na pôvodnej sa otvorí reklama. Skúšal som adwcleaner, reklám sa otvára menej (predtým cca každý 10. odkaz) ale stále sa nejaké nájdu.
Keďže ide o nový notebook, medzi naposledy vytvorenými súbormi sú všetky súbory v PC. Log bol preto príliš dlhý a nebolo možné vložiť ho do tohto príspevku celý. Zmazal som z postnutého logu vytvorené súbory z prvých dní od kúpy PC. Problém sa ajtak začal prejavovať až 15.6. Každopádne celý log som pridal do prílohy spolu s addition.txt, pre každý prípad.
LOG:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-06-2016 01
Ran by Martin (administrator) on LAPTOP-SRJ5TBTG (17-06-2016 01:13:18)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Platform: Windows 10 Home (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\McCSPServiceHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Opera Software) C:\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Opera\38.0.2220.31\opera_crashreporter.exe
(Opera Software) C:\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Opera\38.0.2220.31\opera.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\McClientAnalytics.exe
(Opera Software) C:\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Opera\38.0.2220.31\opera.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsMap.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\McClientAnalytics.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16408320 2016-06-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407104 2016-06-10] (Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [629248 2015-11-13] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{2809c719-1c6b-4c06-a5b0-702ab9027c68}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{3685a89b-0292-45ca-9447-8ad496cccc46}: [DhcpNameServer] 192.10.128.12
ManualProxies:
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-90591414-3714308032-2863625377-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-90591414-3714308032-2863625377-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2016-04-20] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2016-04-20] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2016-04-20] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2016-04-20] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-04-28] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-04-28] (McAfee, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\zwzm2rn3.default
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-04-28] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-04-28] ()
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Extension: Slovak (SK) Language Pack - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\zwzm2rn3.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2016-06-15]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-06-11]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-06-11] [not signed]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-11]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-11]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [436032 2016-02-17] (Amazon Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [326392 2015-11-27] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
S3 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [623072 2016-06-11] (Intel Corporation)
R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [176640 2015-09-22] () [File not signed]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373728 2016-06-11] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IntelSSTSvc; C:\Windows\system32\IntelSSTAPO\ParameterService\ParameterService.exe [25928 2015-12-02] (Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-04-20] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [989192 2016-04-28] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [338208 2015-03-20] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe [1903320 2016-04-18] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [795528 2016-04-20] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-03-07] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-04-01] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-03-07] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1424352 2016-04-21] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1029856 2016-04-21] (Intel Security, Inc.)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [401248 2015-09-05] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [453984 2015-09-05] (Acer Incorporated)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-06-11] ()
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [1770136 2015-08-04] (Intel Corporation)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [78632 2016-03-11] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
R3 iaLPSS2_I2C; C:\Windows\System32\drivers\iaLPSS2_I2C.sys [185128 2015-07-08] (Intel Corporation)
R3 IntcAudioBus; C:\Windows\System32\drivers\IntcAudioBus.sys [196904 2016-06-10] (Intel(R) Corporation)
R3 IntcDMic; C:\Windows\system32\DRIVERS\IntcDMic.sys [595264 2016-06-10] (Intel(R) Corporation)
R3 IntcOED; C:\Windows\System32\drivers\IntcOED.sys [613672 2016-06-10] (Intel(R) Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-09-05] (Acer Incorporated)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-29] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2016-03-11] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [349480 2016-03-11] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83608 2016-03-11] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [493352 2016-03-11] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [842536 2016-03-11] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [543488 2016-02-10] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2016-02-10] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [45728 2016-03-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [243496 2016-03-11] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 Qcamain; C:\Windows\System32\drivers\Qcamainx64.sys [2276352 2015-07-10] (Qualcomm Atheros, Inc.)
R3 Qcamain10x64; C:\Windows\system32\DRIVERS\Qcamain10x64.sys [2394288 2015-11-27] (Qualcomm Atheros, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-09-05] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-19] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [47784 2015-05-27] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-17 01:13 - 2016-06-17 01:13 - 00020906 _____ C:\Users\Martin\Desktop\FRST.txt
2016-06-17 01:12 - 2016-06-17 01:13 - 00000000 ____D C:\FRST
2016-06-17 01:11 - 2016-06-17 01:11 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
2016-06-17 01:08 - 2016-06-17 01:07 - 02386944 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2016-06-17 00:34 - 2016-06-17 00:34 - 00016148 _____ C:\Windows\system32\LAPTOP-SRJ5TBTG_Martin_HistoryPrediction.bin
2016-06-16 20:02 - 2016-06-16 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-06-16 18:34 - 2016-06-16 18:34 - 00004208 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-06-15 23:44 - 2016-06-17 01:04 - 00000000 ____D C:\AdwCleaner
2016-06-15 22:59 - 2016-06-15 23:13 - 00000080 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\uTorrent.lnk
2016-06-15 22:53 - 2016-06-15 22:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-15 22:42 - 2016-06-16 22:14 - 00004020 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-06-15 21:40 - 2016-06-15 21:40 - 00001135 _____ C:\Users\Martin\Desktop\opera – odkaz.lnk
2016-06-15 21:35 - 2016-06-15 21:35 - 00000000 ____D C:\Users\Martin\AppData\Roaming\WinRAR
2016-06-15 21:23 - 2016-06-15 21:23 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-15 21:23 - 2016-06-15 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-15 21:23 - 2016-06-15 21:23 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-06-15 21:09 - 2016-06-15 21:09 - 00000016 _____ C:\ProgramData\mntemp
2016-06-15 21:09 - 2016-06-15 21:09 - 00000000 ____D C:\Users\Martin\Documents\WGSoft
2016-06-15 20:57 - 2016-06-15 20:57 - 00191504 _____ (Prolific Technology Inc.) C:\Windows\system32\Drivers\ser2pl64.sys
2016-06-15 18:07 - 2016-05-28 07:02 - 06488312 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-06-15 18:07 - 2016-05-28 07:02 - 04532304 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-15 18:07 - 2016-05-28 07:02 - 01314496 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-06-15 18:07 - 2016-05-28 07:02 - 00601344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-15 18:07 - 2016-05-28 07:02 - 00432360 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-15 18:07 - 2016-05-28 07:02 - 00421536 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-15 18:07 - 2016-05-28 07:02 - 00158048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-15 18:07 - 2016-05-28 07:02 - 00113144 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-06-15 18:07 - 2016-05-28 07:00 - 02543784 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-06-15 18:07 - 2016-05-28 07:00 - 01591304 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-15 18:07 - 2016-05-28 07:00 - 00327520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-06-15 18:07 - 2016-05-28 07:00 - 00203496 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-06-15 18:07 - 2016-05-28 06:59 - 00363872 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-15 18:07 - 2016-05-28 06:59 - 00131208 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-15 18:07 - 2016-05-28 06:54 - 00658784 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-06-15 18:07 - 2016-05-28 06:53 - 03625416 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-15 18:07 - 2016-05-28 06:53 - 00026464 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2016-06-15 18:07 - 2016-05-28 06:52 - 22326760 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-15 18:07 - 2016-05-28 06:47 - 00613120 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-06-15 18:07 - 2016-05-28 06:47 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-15 18:07 - 2016-05-28 06:39 - 04047288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-15 18:07 - 2016-05-28 06:39 - 01365584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-15 18:07 - 2016-05-28 06:39 - 00952968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-06-15 18:07 - 2016-05-28 06:39 - 00365128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-15 18:07 - 2016-05-28 06:38 - 05118024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-06-15 18:07 - 2016-05-28 06:38 - 00372368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-15 18:07 - 2016-05-28 06:38 - 00306528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-15 18:07 - 2016-05-28 06:38 - 00097096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-15 18:07 - 2016-05-28 06:35 - 02188472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-06-15 18:07 - 2016-05-28 06:35 - 00183904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-06-15 18:07 - 2016-05-28 06:35 - 00112632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-15 18:07 - 2016-05-28 06:28 - 00467296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-06-15 18:07 - 2016-05-28 06:27 - 20861984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-15 18:07 - 2016-05-28 06:27 - 02880560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-15 18:07 - 2016-05-28 06:21 - 00545400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-06-15 18:07 - 2016-05-28 06:21 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-15 18:07 - 2016-05-28 06:11 - 00395264 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-06-15 18:07 - 2016-05-28 06:10 - 00694784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-15 18:07 - 2016-05-28 06:10 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-06-15 18:07 - 2016-05-28 06:09 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-06-15 18:07 - 2016-05-28 06:08 - 21860352 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-06-15 18:07 - 2016-05-28 06:07 - 24597504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-15 18:07 - 2016-05-28 06:00 - 01336832 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-15 18:07 - 2016-05-28 05:58 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-15 18:07 - 2016-05-28 05:58 - 00672256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-15 18:07 - 2016-05-28 05:58 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-15 18:07 - 2016-05-28 05:58 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-06-15 18:07 - 2016-05-28 05:57 - 06788096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-15 18:07 - 2016-05-28 05:57 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-06-15 18:07 - 2016-05-28 05:56 - 12511232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-15 18:07 - 2016-05-28 05:54 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-15 18:07 - 2016-05-28 05:54 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-15 18:07 - 2016-05-28 05:54 - 00282112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-06-15 18:07 - 2016-05-28 05:53 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-15 18:07 - 2016-05-28 05:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 18:07 - 2016-05-28 05:52 - 02663424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-06-15 18:07 - 2016-05-28 05:51 - 02848256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-15 18:07 - 2016-05-28 05:51 - 02119680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-15 18:07 - 2016-05-28 05:51 - 01603584 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-15 18:07 - 2016-05-28 05:50 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-15 18:07 - 2016-05-28 05:50 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-06-15 18:07 - 2016-05-28 05:50 - 00574464 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-15 18:07 - 2016-05-28 05:49 - 19330560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-15 18:07 - 2016-05-28 05:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-06-15 18:07 - 2016-05-28 05:45 - 07523840 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-06-15 18:07 - 2016-05-28 05:45 - 03584000 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-06-15 18:07 - 2016-05-28 05:44 - 04793344 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-15 18:07 - 2016-05-28 05:44 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-06-15 18:07 - 2016-05-28 05:44 - 00737792 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-15 18:07 - 2016-05-28 05:44 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-15 18:07 - 2016-05-28 05:43 - 00240128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-15 18:07 - 2016-05-28 05:41 - 05160960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 18:07 - 2016-05-28 05:41 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-15 18:07 - 2016-05-28 05:40 - 18797568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-06-15 18:07 - 2016-05-28 05:40 - 00672768 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-06-15 18:07 - 2016-05-28 05:39 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-15 18:07 - 2016-05-28 05:39 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2016-06-15 18:07 - 2016-05-28 05:38 - 01821696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-06-15 18:07 - 2016-05-28 05:38 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-15 18:07 - 2016-05-28 05:38 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 18:07 - 2016-05-28 05:37 - 02315776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-15 18:07 - 2016-05-28 05:36 - 01383424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-15 18:07 - 2016-05-28 05:35 - 02042368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-15 18:07 - 2016-05-28 05:35 - 00679936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-15 18:07 - 2016-05-28 05:35 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-06-15 18:07 - 2016-05-28 05:35 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-15 18:07 - 2016-05-28 05:35 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-06-15 18:07 - 2016-05-28 05:32 - 03580928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-15 18:07 - 2016-05-28 05:31 - 11268096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-15 18:07 - 2016-05-28 05:30 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-06-15 18:07 - 2016-05-28 05:29 - 00502272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-15 18:07 - 2016-05-28 05:29 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-15 18:07 - 2016-05-28 05:25 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-16 12:07 - 2015-07-10 13:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-16 12:07 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\AppReadiness
2016-06-15 23:54 - 2015-08-31 13:01 - 00875126 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-15 23:54 - 2015-07-10 13:02 - 00000000 ____D C:\Windows\INF
2016-06-15 23:48 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-15 23:48 - 2015-07-10 11:05 - 00131072 ___SH C:\Windows\system32\config\BBI
2016-06-15 23:14 - 2015-10-24 17:05 - 00002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2016-06-15 23:14 - 2015-08-31 12:51 - 00001240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-15 23:14 - 2015-08-31 12:50 - 00002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
2016-06-15 23:14 - 2015-03-21 02:28 - 00003278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
2016-06-15 23:13 - 2015-10-24 17:28 - 00001566 _____ C:\Users\Public\Desktop\Acer DustDefender.lnk
2016-06-15 23:13 - 2015-08-31 12:50 - 00001804 _____ C:\Users\Public\Desktop\Acer Care Center.lnk
2016-06-15 23:05 - 2015-08-31 12:49 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-15 23:04 - 2015-07-10 11:05 - 00032768 ___SH C:\Windows\system32\config\ELAM
2016-06-15 23:03 - 2015-10-24 17:41 - 00000000 ____D C:\Windows\NAPP_Dism_Log
2016-06-15 23:03 - 2015-08-31 12:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-15 23:03 - 2015-07-10 14:20 - 00194448 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-15 23:02 - 2015-07-10 13:04 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-06-15 18:16 - 2015-07-10 12:55 - 00000000 ____D C:\Windows\CbsTemp
2016-06-13 17:45 - 2015-08-31 12:52 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-06-11 14:40 - 2015-08-31 12:52 - 00000000 ____D C:\ProgramData\McAfee
2016-06-11 13:10 - 2015-10-24 17:09 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros
2016-06-11 13:06 - 2015-10-24 17:21 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-11 13:06 - 2015-10-24 17:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-11 13:06 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\Help
2016-06-11 13:01 - 2015-10-24 17:21 - 42920896 _____ C:\Windows\system32\nvcompiler.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 37888960 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 22355904 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 18487552 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 18400704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 16561128 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 15933912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 15838880 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 14844304 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 13533608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 12869872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 12041144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 11229760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-06-11 13:01 - 2015-10-24 17:21 - 03540360 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 03126800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 02883520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 02503616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 01016360 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 00884672 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 00870456 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 00823232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 00698424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 00682552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 00501056 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 00422568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 00422456 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 00377912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 00177600 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-06-11 13:01 - 2015-10-24 17:21 - 00034550 _____ C:\Windows\system32\nvinfo.pb
2016-06-11 09:22 - 2015-08-31 12:52 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-06-11 09:22 - 2015-07-10 13:04 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-06-11 04:13 - 2015-10-24 17:18 - 00103944 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2016-06-11 04:13 - 2015-10-24 17:18 - 00099848 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2016-06-11 04:13 - 2015-09-11 06:30 - 32710184 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2016-06-11 04:13 - 2015-09-11 06:30 - 31777000 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2016-06-11 04:13 - 2015-09-11 06:30 - 15477568 _____ (Intel Corporation) C:\Windows\system32\igc64.dll
2016-06-11 04:13 - 2015-09-11 06:30 - 14553192 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2016-06-11 04:13 - 2015-09-11 06:30 - 13450696 _____ (Intel Corporation) C:\Windows\SysWOW64\igc32.dll
2016-06-11 04:13 - 2015-09-11 06:30 - 11841480 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2016-06-11 04:13 - 2015-09-11 06:30 - 07884768 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2016-06-11 04:13 - 2015-09-11 06:30 - 02071056 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2016-06-11 04:13 - 2015-09-11 06:30 - 00751112 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2016-06-11 04:13 - 2015-09-11 06:30 - 00402912 _____ C:\Windows\system32\igfxTray.exe
2016-06-11 04:13 - 2015-09-11 06:30 - 00387088 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2016-06-11 04:13 - 2015-09-11 06:30 - 00373728 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2016-06-11 04:13 - 2015-09-11 06:30 - 00354784 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2016-06-11 04:13 - 2015-09-11 06:30 - 00269280 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2016-06-11 04:13 - 2015-09-11 06:30 - 00237024 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2016-06-11 04:13 - 2015-09-11 06:30 - 00055248 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2016-06-11 04:07 - 2015-08-31 12:50 - 00000000 ____D C:\ProgramData\OEM
2016-06-10 23:19 - 2015-10-24 17:13 - 01226515 _____ C:\Windows\system32\Drivers\rtkhdasetting.zip
2016-06-10 23:19 - 2015-10-24 17:13 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-06-10 23:19 - 2015-10-24 17:13 - 00000000 ____D C:\Windows\system32\DAX2
2016-06-10 23:18 - 2015-10-24 17:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-10 23:15 - 2015-10-24 17:13 - 03152591 _____ C:\Windows\system32\Drivers\rtkSSTSetting.zip
2016-06-10 23:14 - 2015-10-24 17:13 - 02826832 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2016-06-10 21:55 - 2015-08-31 12:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-06-10 21:55 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\rescache
2016-06-10 21:51 - 2015-07-10 15:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-06-10 21:51 - 2015-07-10 15:11 - 00000000 ____D C:\Windows\SysWOW64\winrm
2016-06-10 21:51 - 2015-07-10 15:11 - 00000000 ____D C:\Windows\SysWOW64\WCN
2016-06-10 21:51 - 2015-07-10 15:11 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2016-06-10 21:51 - 2015-07-10 15:11 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2016-06-10 21:51 - 2015-07-10 15:11 - 00000000 ____D C:\Windows\system32\winrm
2016-06-10 21:51 - 2015-07-10 15:11 - 00000000 ____D C:\Windows\system32\WCN
2016-06-10 21:51 - 2015-07-10 15:11 - 00000000 ____D C:\Windows\system32\slmgr
2016-06-10 21:51 - 2015-07-10 15:11 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ___SD C:\Windows\SysWOW64\F12
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ___SD C:\Windows\system32\F12
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\PurchaseDialog
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\MiracastView
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\DevicesFlow
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\Com
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\oobe
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\MUI
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\migwiz
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\Com
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\Provisioning
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\L2Schemas
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\IME
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Defender
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-06-10 21:51 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-06-10 21:51 - 2015-07-10 11:05 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-06-10 21:51 - 2015-07-10 11:05 - 00000000 ____D C:\Windows\system32\Sysprep
2016-06-10 21:51 - 2015-07-10 11:05 - 00000000 ____D C:\Windows\system32\Dism
2016-06-10 21:51 - 2015-07-10 11:05 - 00000000 ____D C:\Windows\servicing
2016-06-10 20:52 - 2015-10-24 17:07 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-10 16:33 - 2015-08-31 12:50 - 00000000 ____D C:\ProgramData\Acer
2016-06-10 15:24 - 2015-08-31 13:45 - 00000000 ____D C:\Windows\Panther
2016-06-10 15:21 - 2016-04-27 10:06 - 00000000 ___HD C:\$WINDOWS.~BT
2016-06-10 12:40 - 2015-08-31 12:50 - 00000000 ____D C:\Program Files (x86)\Acer
2016-06-10 12:31 - 2015-08-31 13:43 - 00000000 ___HD C:\OEM
==================== Files in the root of some directories =======
2015-10-24 17:14 - 2015-10-24 17:14 - 0000102 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2016-06-15 21:09 - 2016-06-15 21:09 - 0000016 _____ () C:\ProgramData\mntemp
Some files in TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Martin\AppData\Local\Temp\octF8A1.tmp.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Antivírusový a antispywarový softvér McAfee (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Antivírusový a antispywarový softvér McAfee (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Martin\Desktop" je 2 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prehliadač otvára karty s reklamami
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prehliadač otvára karty s reklamami
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prehliadač otvára karty s reklamami
# AdwCleaner v5.200 - Log vytvorený 17/06/2016 v 19:07:09
# Aktualizované 14/06/2016 by ToolsLib
# Databáza : 2016-06-17.1 [Server]
# Operačný systém : Windows 10 Home (X64)
# Užívateľské meno : Martin - LAPTOP-SRJ5TBTG
# Spustené z : C:\Users\Martin\Desktop\adwcleaner_5.200.exe
# Nastavenie : Čistenie
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
***** [ Priečinky ] *****
***** [ Súbory ] *****
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupcovia ] *****
***** [ Naplánované úlohy ] *****
***** [ Registre ] *****
***** [ Webové prehliadače ] *****
*************************
:: "Tracing" kľúče zmazané
:: Nastavenia Winsock resetované.
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [2363 bajtov] - [15/06/2016 23:47:54]
C:\AdwCleaner\AdwCleaner[C2].txt - [857 bajtov] - [17/06/2016 19:07:09]
C:\AdwCleaner\AdwCleaner[S1].txt - [2388 bajtov] - [15/06/2016 23:44:19]
C:\AdwCleaner\AdwCleaner[S2].txt - [973 bajtov] - [17/06/2016 01:04:37]
C:\AdwCleaner\AdwCleaner[S3].txt - [1056 bajtov] - [17/06/2016 19:04:32]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1151 bajtov] ##########
# Aktualizované 14/06/2016 by ToolsLib
# Databáza : 2016-06-17.1 [Server]
# Operačný systém : Windows 10 Home (X64)
# Užívateľské meno : Martin - LAPTOP-SRJ5TBTG
# Spustené z : C:\Users\Martin\Desktop\adwcleaner_5.200.exe
# Nastavenie : Čistenie
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
***** [ Priečinky ] *****
***** [ Súbory ] *****
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupcovia ] *****
***** [ Naplánované úlohy ] *****
***** [ Registre ] *****
***** [ Webové prehliadače ] *****
*************************
:: "Tracing" kľúče zmazané
:: Nastavenia Winsock resetované.
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [2363 bajtov] - [15/06/2016 23:47:54]
C:\AdwCleaner\AdwCleaner[C2].txt - [857 bajtov] - [17/06/2016 19:07:09]
C:\AdwCleaner\AdwCleaner[S1].txt - [2388 bajtov] - [15/06/2016 23:44:19]
C:\AdwCleaner\AdwCleaner[S2].txt - [973 bajtov] - [17/06/2016 01:04:37]
C:\AdwCleaner\AdwCleaner[S3].txt - [1056 bajtov] - [17/06/2016 19:04:32]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1151 bajtov] ##########
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prehliadač otvára karty s reklamami
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Dále proveďte tyto skeny:
1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
C:\Users\Martin\AppData\Local\Temp
Amazon 1Button App (HKLM-x32\...\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}) (Version: 2.3.4 - Amazon) <==== ATTENTION
End
Dále proveďte tyto skeny:
1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prehliadač otvára karty s reklamami
1. Fixlog:
Fix result of Farbar Recovery Scan Tool (x64) Version:16-06-2016 01
Ran by Martin (2016-06-17 19:57:48) Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
C:\Users\Martin\AppData\Local\Temp
Amazon 1Button App (HKLM-x32\...\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}) (Version: 2.3.4 - Amazon) <==== ATTENTION
End
*****************
"C:\Users\Martin\AppData\Local\Temp" folder move:
Could not move "C:\Users\Martin\AppData\Local\Temp" => Scheduled to move on reboot.
Amazon 1Button App (HKLM-x32\...\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}) (Version: 2.3.4 - Amazon) <==== ATTENTION => Error: No automatic fix found for this entry.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-06-17 19:59:05)
C:\Users\Martin\AppData\Local\Temp => moved successfully
==== End of Fixlog 19:59:05 ====
Fix result of Farbar Recovery Scan Tool (x64) Version:16-06-2016 01
Ran by Martin (2016-06-17 19:57:48) Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
C:\Users\Martin\AppData\Local\Temp
Amazon 1Button App (HKLM-x32\...\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}) (Version: 2.3.4 - Amazon) <==== ATTENTION
End
*****************
"C:\Users\Martin\AppData\Local\Temp" folder move:
Could not move "C:\Users\Martin\AppData\Local\Temp" => Scheduled to move on reboot.
Amazon 1Button App (HKLM-x32\...\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}) (Version: 2.3.4 - Amazon) <==== ATTENTION => Error: No automatic fix found for this entry.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-06-17 19:59:05)
C:\Users\Martin\AppData\Local\Temp => moved successfully
==== End of Fixlog 19:59:05 ====
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prehliadač otvára karty s reklamami
A Zoek a Junkware?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prehliadač otvára karty s reklamami
Zoek mi nechcelo spustit, ani po vypnuti antiviru, skusil som restartovat, ale win sa zacal aktualizovat... Logy doplnim hned ako to bude mozno, ospravedlnujem sa za komplikacie.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prehliadač otvára karty s reklamami
Zoek a Junkware lze spustit i v nouz. režimu, pokud to nejde jinak.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prehliadač otvára karty s reklamami
Nakoniec sa to rozbehlo, akurát ten update trval dlho. Takže logy:
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Martin on 17.06.2016 at 20:52:20,36.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Martin\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
17.06.2016 20:59:37 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Martin\AppData\Local\ActiveSync deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\zwzm2rn3.default\prefs.js:
Added to C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\zwzm2rn3.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\windows\SysNative\Tasks\Software Update Application deleted
C:\Users\Public\Pokki deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\Tasks\Avast SecureLine deleted
C:\windows\SysNative\Tasks\avast! SL Update deleted
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\zwzm2rn3.default\jetpack deleted
"C:\ProgramData\mntemp" deleted
"C:\Users\Martin\AppData\Roaming\gnupg" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\zwzm2rn3.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [11.06.2016 14:40]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [11.06.2016 14:40]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\zwzm2rn3.default
- Slovak SK Language Pack - %ProfilePath%\extensions\langpack-sk@firefox.mozilla.org.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[20.04.2016 12:41]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{86217182-CF78-44F7-9597-6307B7A4FC81}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{86217182-CF78-44F7-9597-6307B7A4FC81} - http://www.bing.com/search?q={searchTer ... TR&pc=ACTE
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{86217182-CF78-44F7-9597-6307B7A4FC81}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{86217182-CF78-44F7-9597-6307B7A4FC81} - http://www.bing.com/search?q={searchTer ... TR&pc=ACTE
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
==== Reset Google Chrome ======================
Nothing found to reset
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default.migrated\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Martin\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Martin\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Martin\AppData\Local\Mozilla\Firefox\Profiles\zwzm2rn3.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=21 folders=20 16792337 bytes)
==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Martin\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 17.06.2016 at 21:21:19,82 ======================
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64
Ran by Martin (Administrator) on 17.06.2016 at 21:23:12,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.06.2016 at 21:24:53,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Martin on 17.06.2016 at 20:52:20,36.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Martin\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
17.06.2016 20:59:37 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Martin\AppData\Local\ActiveSync deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\zwzm2rn3.default\prefs.js:
Added to C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\zwzm2rn3.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\windows\SysNative\Tasks\Software Update Application deleted
C:\Users\Public\Pokki deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\Tasks\Avast SecureLine deleted
C:\windows\SysNative\Tasks\avast! SL Update deleted
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\zwzm2rn3.default\jetpack deleted
"C:\ProgramData\mntemp" deleted
"C:\Users\Martin\AppData\Roaming\gnupg" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\zwzm2rn3.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [11.06.2016 14:40]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [11.06.2016 14:40]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\zwzm2rn3.default
- Slovak SK Language Pack - %ProfilePath%\extensions\langpack-sk@firefox.mozilla.org.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[20.04.2016 12:41]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{86217182-CF78-44F7-9597-6307B7A4FC81}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{86217182-CF78-44F7-9597-6307B7A4FC81} - http://www.bing.com/search?q={searchTer ... TR&pc=ACTE
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{86217182-CF78-44F7-9597-6307B7A4FC81}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{86217182-CF78-44F7-9597-6307B7A4FC81} - http://www.bing.com/search?q={searchTer ... TR&pc=ACTE
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
==== Reset Google Chrome ======================
Nothing found to reset
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default.migrated\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Martin\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Martin\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Martin\AppData\Local\Mozilla\Firefox\Profiles\zwzm2rn3.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=21 folders=20 16792337 bytes)
==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Martin\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 17.06.2016 at 21:21:19,82 ======================
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64
Ran by Martin (Administrator) on 17.06.2016 at 21:23:12,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.06.2016 at 21:24:53,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prehliadač otvára karty s reklamami
OK. Nastala změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prehliadač otvára karty s reklamami
Nie, stále to otvára rôzne reklamné stránky. Mám aj log z adwcleanera z 15.6., kedy našiel nejaký adware. Pomohlo by to?
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prehliadač otvára karty s reklamami
Pokud jste to v ADW nechal smazat, mělo by to být pryč. Udělejte ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prehliadač otvára karty s reklamami
Malwarebytes Anti-Malware
www.malwarebytes.org
Dátum kontroly: 17.06.2016
Čas kontroly: 22:53
Protokol: log.txt
Správca: Áno
Verzia: 2.2.1.1043
Dazabáza malware: v2016.06.17.05
Databáza rootkitov: v2016.05.27.01
Licencia: Skúšobná verzia
Ochrana pred škodlivým softvérom: Zapnuté
Ochrana pred škodlivými webstránkami: Zapnuté
Vlastná ochrana: Vypnuté
OS: Windows 10
CPU: x64
Súborový systém: NTFS
Používateľ: Martin
Typ kontroly: Kontrola hrozieb
Výsledok: Dokončená
Skontrolovaných objektov: 287352
Uplynulý čas: 3 min, 54 s
Pamäť: Zapnuté
Pri spustení: Zapnuté
Súborový systém: Zapnuté
Archívy: Zapnuté
Rootkity: Vypnuté
Heuristika: Zapnuté
PUP: Zapnuté
PUM: Zapnuté
Procesy: 0
(Žiadne škodlivé položky neboli zistené)
Moduly: 0
(Žiadne škodlivé položky neboli zistené)
Kľúče databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Hodnoty databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Údaj databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Priečinky: 0
(Žiadne škodlivé položky neboli zistené)
Súbory: 0
(Žiadne škodlivé položky neboli zistené)
Fyzické sektory: 0
(Žiadne škodlivé položky neboli zistené)
(end)
www.malwarebytes.org
Dátum kontroly: 17.06.2016
Čas kontroly: 22:53
Protokol: log.txt
Správca: Áno
Verzia: 2.2.1.1043
Dazabáza malware: v2016.06.17.05
Databáza rootkitov: v2016.05.27.01
Licencia: Skúšobná verzia
Ochrana pred škodlivým softvérom: Zapnuté
Ochrana pred škodlivými webstránkami: Zapnuté
Vlastná ochrana: Vypnuté
OS: Windows 10
CPU: x64
Súborový systém: NTFS
Používateľ: Martin
Typ kontroly: Kontrola hrozieb
Výsledok: Dokončená
Skontrolovaných objektov: 287352
Uplynulý čas: 3 min, 54 s
Pamäť: Zapnuté
Pri spustení: Zapnuté
Súborový systém: Zapnuté
Archívy: Zapnuté
Rootkity: Vypnuté
Heuristika: Zapnuté
PUP: Zapnuté
PUM: Zapnuté
Procesy: 0
(Žiadne škodlivé položky neboli zistené)
Moduly: 0
(Žiadne škodlivé položky neboli zistené)
Kľúče databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Hodnoty databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Údaj databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Priečinky: 0
(Žiadne škodlivé položky neboli zistené)
Súbory: 0
(Žiadne škodlivé položky neboli zistené)
Fyzické sektory: 0
(Žiadne škodlivé položky neboli zistené)
(end)
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prehliadač otvára karty s reklamami
Toto je OK, je to v Opeře samotné a žádná utilita to z ní nedostane. Operu zazálohujte pomocí OperaBackup: http://www.stahuj.centrum.cz/utility_a_ ... ra-backup/ . Pak operu odinstalujte vč. jejího profilu. Udělejte novou čistou instalaci Opery a zpět ze zálohy nakopírujte pouze hesla a záložky.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prehliadač otvára karty s reklamami
Operu som mal zazálohovanú pred kúpou ntb na externom hdd, čiže nebol problém. Resetol som aj ntb do továrenských nastavení, po všetkých kontrolách a updatoch nejak blbol windows. Každopádne ďakujem za pomoc.
Přispějete na provoz fóra?