Prosím o kontrolu logu - pop up okna s reklamami - díky

Zpráva

kulda29 · #1 Příspěvek od **kulda29** » 18 bře 2017 10:56

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Sára (administrator) on DESKTOP-J7S0F9L (18-03-2017 10:49:03)
Running from C:\Users\Sára\Downloads
Loaded Profiles: Sára (Available Profiles: defaultuser0 & Sára)
Platform: Windows 10 Enterprise 2016 LTSB Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795912 2015-07-23] (NVIDIA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [MRT] => C:\Windows\system32\MRT.exe [138020592 2017-02-24] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-22] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4072848191-6245863-4132105653-1001\...\MountPoints2: {2569e75d-a210-11e6-8418-d07e35240fee} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4072848191-6245863-4132105653-1001\...\MountPoints2: {2569e7be-a210-11e6-8418-d07e35240fee} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4072848191-6245863-4132105653-1001\...\MountPoints2: {55868065-f933-11e6-8423-d07e35240fee} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4072848191-6245863-4132105653-1001\...\MountPoints2: {55868078-f933-11e6-8423-d07e35240fee} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4072848191-6245863-4132105653-1001\...\MountPoints2: {558680dd-f933-11e6-8423-d07e35240fee} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4072848191-6245863-4132105653-1001\...\MountPoints2: {762cdf8c-cdef-11e6-8420-d07e35240fee} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4072848191-6245863-4132105653-1001\...\MountPoints2: {762ce0bb-cdef-11e6-8420-d07e35240fee} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4072848191-6245863-4132105653-1001\...\MountPoints2: {762ce121-cdef-11e6-8420-d07e35240fee} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4072848191-6245863-4132105653-1001\...\MountPoints2: {c4b2b620-c543-11e6-841f-d07e35240fee} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4072848191-6245863-4132105653-1001\...\MountPoints2: {df95bf53-d1f9-11e6-8420-d07e35240fee} - "D:\HiSuiteDownLoader.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-10-22] (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ad783912-1e93-410d-b858-331778fc37dd}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-22]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-22]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Sára\AppData\Local\Google\Chrome\User Data\Default [2017-03-18]
CHR Extension: (Dokumenty Google) - C:\Users\Sára\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-22]
CHR Extension: (Disk Google) - C:\Users\Sára\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-22]
CHR Extension: (YouTube) - C:\Users\Sára\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Sára\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-22]
CHR Extension: (Avast Online Security) - C:\Users\Sára\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-08]
CHR Extension: (Multiple open) - C:\Users\Sára\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpmpfpkiiaehlfdnkokhpnmdlkdhcohg [2017-01-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Sára\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-12]
CHR Extension: (Gmail) - C:\Users\Sára\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Sára\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-10-22] (AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] () [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328616 2015-09-24] (Intel Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-07] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-07] (Electronic Arts)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-10-22] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-10-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-10-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-10-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-10-22] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-10-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-10-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-10-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-22] (AVAST Software)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [230656 2016-12-12] (Intel Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [41464 2015-11-19] (Intel(R) Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
S2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [12464 2016-11-05] (Macrovision Europe Ltd) [File not signed]
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-30] (Sonix Co. Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146200 2015-10-14] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-18 10:49 - 2017-03-18 10:50 - 00015385 _____ C:\Users\Sára\Downloads\FRST.txt
2017-03-18 10:44 - 2017-03-18 10:49 - 00000000 ____D C:\FRST
2017-03-18 10:43 - 2017-03-18 10:43 - 00001467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-03-18 10:43 - 2017-03-18 10:43 - 00001455 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-03-18 10:43 - 2017-03-18 10:43 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2017-03-18 10:43 - 2017-03-18 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-03-18 10:42 - 2017-03-18 10:45 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-03-18 10:42 - 2017-03-18 10:43 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-03-18 10:42 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2017-03-18 10:38 - 2017-03-18 10:44 - 02424832 _____ (Farbar) C:\Users\Sára\Downloads\FRST64.exe
2017-03-18 10:34 - 2017-03-18 10:41 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Sára\Downloads\spybot-2.4.exe
2017-03-01 16:29 - 2017-03-01 16:40 - 00038912 _____ C:\Users\Sára\Desktop\OSOBNÍ DOTAZNÍK VZOR.xls
2017-03-01 09:49 - 2017-03-01 09:49 - 00000000 ____D C:\Users\Sára\Desktop\Prodej
2017-02-27 14:23 - 2017-03-01 10:02 - 00000000 ____D C:\Users\Sára\Desktop\Tisk
2017-02-22 20:24 - 2017-02-22 20:24 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-02-22 20:24 - 2017-02-22 20:24 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-22 19:12 - 2017-02-22 19:12 - 00001810 _____ C:\Users\Sára\Downloads\obraz.rar
2017-02-22 15:19 - 2017-02-22 11:55 - 734691044 _____ C:\Users\Sára\Desktop\Nasli_Me_Nasi_Nerez.avi
2017-02-22 11:13 - 2017-02-22 11:55 - 734691044 _____ C:\Users\Sára\Downloads\Nasli_Me_Nasi_Nerez.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-18 10:30 - 2016-10-21 19:24 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-03-18 09:21 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp
2017-03-18 08:57 - 2016-10-21 20:42 - 00004204 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{3879ABB9-D5E4-4122-AF18-89CE89DE35C5}
2017-03-18 08:54 - 2016-10-21 21:38 - 00000000 __SHD C:\Users\Sára\IntelGraphicsProfiles
2017-03-14 19:40 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\LiveKernelReports
2017-03-10 06:17 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-10 06:17 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-04 21:09 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\NDF
2017-02-24 21:02 - 2016-10-22 19:56 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-24 21:00 - 2016-10-22 19:06 - 00000000 ____D C:\Windows\AutoKMS
2017-02-24 20:57 - 2016-10-21 21:28 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-24 20:57 - 2016-10-21 21:28 - 00000000 ____D C:\Windows\system32\MRT
2017-02-22 20:21 - 2016-10-21 19:58 - 02359120 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-22 20:21 - 2016-07-16 23:26 - 00920418 _____ C:\Windows\system32\perfh005.dat
2017-02-22 20:21 - 2016-07-16 23:26 - 00223440 _____ C:\Windows\system32\perfc005.dat
2017-02-22 20:16 - 2016-10-21 19:25 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-22 20:15 - 2016-07-16 07:04 - 00032768 _____ C:\Windows\system32\config\BBI
2017-02-22 20:14 - 2016-12-15 14:03 - 00000000 ____D C:\Users\Sára\AppData\Roaming\Origin
2017-02-22 20:14 - 2016-10-21 20:00 - 00000000 ____D C:\Users\Sára
2017-02-22 19:14 - 2016-12-15 14:01 - 00000000 ____D C:\ProgramData\Origin
2017-02-22 11:44 - 2016-10-22 17:36 - 00000000 ____D C:\Users\Sára\AppData\Roaming\uTorrent
2017-02-22 11:29 - 2016-12-09 08:59 - 00003288 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-22 11:29 - 2016-10-21 20:03 - 00002391 _____ C:\Users\Sára\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-22 11:29 - 2016-10-21 20:03 - 00000000 ___RD C:\Users\Sára\OneDrive
2017-02-19 21:36 - 2015-08-15 20:33 - 00000000 ____D C:\Users\Sára\Desktop\Škola
2017-02-19 21:35 - 2016-10-21 20:34 - 00000000 ____D C:\Users\Sára\Desktop\Stažené soubory
2017-02-19 21:35 - 2016-09-04 18:04 - 00000000 ____D C:\Users\Sára\Desktop\pallets ideas yo
2017-02-19 21:27 - 2016-10-21 20:32 - 00000000 ____D C:\Users\Sára\Desktop\Sára
2017-02-17 19:29 - 2016-10-22 12:52 - 00000000 ____D C:\ProgramData\NVIDIA

==================== Files in the root of some directories =======

2016-10-21 22:11 - 2016-10-21 22:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2016-11-05 20:20 - 2002-10-23 08:16 - 0487424 _____ (Electronic Arts Inc.) C:\Users\Sára\AppData\Local\Temp\AutoRun.exe
2016-11-05 20:20 - 2002-10-23 08:16 - 1105920 _____ () C:\Users\Sára\AppData\Local\Temp\AutoRunGUI.dll
2016-11-05 20:47 - 2002-10-23 08:16 - 0274432 _____ (Electronic Arts, Inc.) C:\Users\Sára\AppData\Local\Temp\eauninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-14 19:53

==================== End of FRST.txt ============================

#2 Příspěvek od **Rudy** » 18 bře 2017 11:29

Zdravím!
Váš PC je buď služební, nebo máte nelegální oper. systém.

kulda29 · #3 Příspěvek od **kulda29** » 18 bře 2017 11:38

Zdravím a děkuji za odpověď.
Je to příčinou mých problémů?

#4 Příspěvek od **Rudy** » 18 bře 2017 11:43

Spíše ne, pouze fórum viry.cz neřeší nelegální oper. systémy. Viz pravidla: https://forum.viry.cz/viewtopic.php?f=12&t=115512 . Pokud by váš PC by náhodou byl firemní, obraťte se sem: https://neslape.cz/?utm_campaign=neslap ... ium=banner . Naše fórum není bezplatnou pomocí firemním oddělením IT.

VIRY.CZ

Prosím o kontrolu logu - pop up okna s reklamami - díky

Prosím o kontrolu logu - pop up okna s reklamami - díky

Re: Prosím o kontrolu logu - pop up okna s reklamami - díky

Re: Prosím o kontrolu logu - pop up okna s reklamami - díky

Re: Prosím o kontrolu logu - pop up okna s reklamami - díky