On top of that, yesterday this message also appeared on my notebook, which runs Linux, and that one is connected only via Wi-Fi. Here are the logs.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by stratos (administrator) on STRATOS-PC (30-03-2019 08:15:09)
Running from C:\Users\stratos\Desktop
Loaded Profiles: stratos (Available Profiles: stratos)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ESET, spol. s r.o. -> ESET spol. s r.o.) C:\Users\stratos\Downloads\esetonlinescanner_csy.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2028103741-66547598-1420609312-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-27] (Google LLC -> Google Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{5CBBCB8D-A174-4452-8057-7109F379A1CD}: [DhcpNameServer] 192.168.88.1
Internet Explorer:
==================
HKU\S-1-5-21-2028103741-66547598-1420609312-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/cs-cz/?ocid=iehp
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: aedjpa8o.default
FF ProfilePath: C:\Users\stratos\AppData\Roaming\Mozilla\Firefox\Profiles\aedjpa8o.default [2019-03-29]
FF Extension: (AdBlock) - C:\Users\stratos\AppData\Roaming\Mozilla\Firefox\Profiles\aedjpa8o.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2019-03-27]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\stratos\AppData\Local\Google\Chrome\User Data\Default [2019-03-30]
CHR Extension: (Prezentace) - C:\Users\stratos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-27]
CHR Extension: (Dokumenty) - C:\Users\stratos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-27]
CHR Extension: (Disk Google) - C:\Users\stratos\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-27]
CHR Extension: (YouTube) - C:\Users\stratos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-27]
CHR Extension: (Tabulky) - C:\Users\stratos\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\stratos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-27]
CHR Extension: (AdBlock) - C:\Users\stratos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-03-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\stratos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-27]
CHR Extension: (Gmail) - C:\Users\stratos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\stratos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-27]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205608 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254408 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196304 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320904 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58168 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42496 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169104 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88152 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034640 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476256 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220632 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380160 2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-30 08:15 - 2019-03-30 08:15 - 000008955 _____ C:\Users\stratos\Desktop\FRST.txt
2019-03-30 08:12 - 2019-03-30 08:15 - 000000000 ____D C:\FRST
2019-03-29 18:48 - 2019-03-29 18:48 - 002434048 _____ (Farbar) C:\Users\stratos\Desktop\FRST64.exe
2019-03-28 15:43 - 2014-05-14 17:23 - 002477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-03-28 15:43 - 2014-05-14 17:23 - 000700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-03-28 15:43 - 2014-05-14 17:23 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-03-28 15:43 - 2014-05-14 17:23 - 000058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-03-28 15:43 - 2014-05-14 17:23 - 000044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-03-28 15:43 - 2014-05-14 17:23 - 000038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-03-28 15:43 - 2014-05-14 17:23 - 000036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-03-28 15:43 - 2014-05-14 17:21 - 002620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-03-28 15:43 - 2014-05-14 17:20 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-03-28 15:43 - 2014-05-14 17:17 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2019-03-28 15:43 - 2014-05-14 09:23 - 000198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-03-28 15:43 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2019-03-28 15:43 - 2014-05-14 09:20 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-03-28 15:43 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2019-03-27 20:45 - 2019-03-30 08:08 - 000000000 ___SD C:\Users\stratos\AppData\LocalLow\Temp
2019-03-27 20:12 - 2019-03-27 20:12 - 007316688 _____ (Malwarebytes) C:\Users\stratos\Downloads\adwcleaner_7.2.7.0.exe
2019-03-27 20:12 - 2019-03-27 20:12 - 000000000 ____D C:\AdwCleaner
2019-03-27 19:57 - 2019-03-28 18:34 - 000000000 ____D C:\Users\stratos\AppData\Local\Google
2019-03-27 19:57 - 2019-03-28 15:52 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-27 19:57 - 2019-03-28 15:52 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-27 19:57 - 2019-03-27 19:57 - 000002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-27 19:57 - 2019-03-27 19:57 - 000002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-27 19:57 - 2019-03-27 19:57 - 000000000 ____D C:\Program Files (x86)\Google
2019-03-27 19:56 - 2019-03-27 19:56 - 001034640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-03-27 19:56 - 2019-03-27 19:56 - 000476256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-03-27 19:56 - 2019-03-27 19:56 - 000380160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-03-27 19:56 - 2019-03-27 19:56 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-03-27 19:56 - 2019-03-27 19:56 - 000320904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-03-27 19:56 - 2019-03-27 19:56 - 000254408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-03-27 19:56 - 2019-03-27 19:56 - 000220632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-03-27 19:56 - 2019-03-27 19:56 - 000205608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-03-27 19:56 - 2019-03-27 19:56 - 000196304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-03-27 19:56 - 2019-03-27 19:56 - 000169104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-03-27 19:56 - 2019-03-27 19:56 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-03-27 19:56 - 2019-03-27 19:56 - 000088152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-03-27 19:56 - 2019-03-27 19:56 - 000058168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-03-27 19:56 - 2019-03-27 19:56 - 000042496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-03-27 19:56 - 2019-03-27 19:56 - 000037320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-03-27 19:56 - 2019-03-27 19:56 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-03-27 19:56 - 2019-03-27 19:56 - 000002075 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-03-27 19:56 - 2019-03-27 19:56 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-03-27 19:56 - 2019-03-27 19:56 - 000000000 ____D C:\Users\stratos\AppData\Roaming\AVAST Software
2019-03-27 19:56 - 2019-03-27 19:56 - 000000000 ____D C:\Users\stratos\AppData\Local\CEF
2019-03-27 19:56 - 2019-03-27 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-03-27 19:56 - 2019-03-27 19:56 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-03-27 19:56 - 2019-03-27 19:56 - 000000000 ____D C:\Program Files\AVAST Software
2019-03-27 19:55 - 2019-03-27 19:56 - 000000000 ____D C:\ProgramData\AVAST Software
2019-03-27 19:55 - 2019-03-27 19:55 - 007687408 _____ (AVAST Software) C:\Users\stratos\Downloads\avast_free_antivirus_setup_online_a3c.exe
2019-03-27 19:55 - 2019-03-27 19:55 - 000057560 _____ C:\Users\stratos\AppData\Local\GDIPFONTCACHEV1.DAT
2019-03-27 19:49 - 2019-03-29 17:34 - 000000000 ____D C:\Users\stratos\AppData\LocalLow\Mozilla
2019-03-27 19:49 - 2019-03-27 19:49 - 000322312 _____ (Mozilla) C:\Users\stratos\Downloads\Firefox Installer.exe
2019-03-27 19:49 - 2019-03-27 19:49 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-27 19:49 - 2019-03-27 19:49 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-03-27 19:49 - 2019-03-27 19:49 - 000000000 ____D C:\Users\stratos\AppData\Roaming\Mozilla
2019-03-27 19:49 - 2019-03-27 19:49 - 000000000 ____D C:\Users\stratos\AppData\Local\Mozilla
2019-03-27 19:49 - 2019-03-27 19:49 - 000000000 ____D C:\ProgramData\Mozilla
2019-03-27 19:49 - 2019-03-27 19:49 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-03-27 19:49 - 2019-03-27 19:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-27 19:42 - 2019-03-28 15:43 - 000000000 ____D C:\Users\stratos\AppData\Local\ESET
2019-03-27 19:42 - 2019-03-27 19:42 - 007659128 _____ (ESET spol. s r.o.) C:\Users\stratos\Downloads\esetonlinescanner_csy.exe
2019-03-27 19:41 - 2019-03-27 19:41 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-03-27 19:41 - 2019-03-27 19:41 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-03-27 19:41 - 2014-06-17 13:13 - 000941272 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2019-03-27 19:41 - 2014-06-17 13:13 - 000107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2019-03-27 19:41 - 2014-06-17 13:13 - 000073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2019-03-27 18:44 - 2019-03-27 18:44 - 000000000 ____D C:\Users\stratos\Documents\lan driver
2019-03-27 18:42 - 2019-03-27 18:42 - 000001443 _____ C:\Users\stratos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-03-27 18:42 - 2019-03-27 18:42 - 000001409 _____ C:\Users\stratos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2019-03-27 18:42 - 2019-03-27 18:42 - 000000020 ___SH C:\Users\stratos\ntuser.ini
2019-03-27 18:42 - 2019-03-27 18:42 - 000000000 _SHDL C:\Users\stratos\Šablony
2019-03-27 18:42 - 2019-03-27 18:42 - 000000000 _SHDL C:\Users\stratos\Soubory cookie
2019-03-27 18:42 - 2019-03-27 18:42 - 000000000 _SHDL C:\Users\stratos\Poslední
2019-03-27 18:42 - 2019-03-27 18:42 - 000000000 _SHDL C:\Users\stratos\Okolní tiskárny
2019-03-27 18:42 - 2019-03-27 18:42 - 000000000 _SHDL C:\Users\stratos\Okolní síť
2019-03-27 18:42 - 2019-03-27 18:42 - 000000000 _SHDL C:\Users\stratos\Nabídka Start
2019-03-27 18:42 - 2019-03-27 18:42 - 000000000 _SHDL C:\Users\stratos\Dokumenty
2019-03-27 18:42 - 2019-03-27 18:42 - 000000000 _SHDL C:\Users\stratos\Documents\Obrázky
2019-03-27 18:42 - 2019-03-27 18:42 - 000000000 _SHDL C:\Users\stratos\Documents\Hudba
2019-03-27 18:42 - 2019-03-27 18:42 - 000000000 _SHDL C:\Users\stratos\Documents\Filmy
2019-03-27 18:42 - 2019-03-27 18:42 - 000000000 _SHDL C:\Users\stratos\Data aplikací
2019-03-27 18:42 - 2019-03-27 18:42 - 000000000 _SHDL C:\Users\stratos\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-03-27 18:42 - 2019-03-27 18:42 - 000000000 _SHDL C:\Users\stratos\AppData\Local\Data aplikací
2019-03-27 18:42 - 2019-03-27 18:42 - 000000000 ____D C:\Users\stratos\AppData\Local\VirtualStore
2019-03-27 18:42 - 2019-03-27 18:42 - 000000000 ____D C:\Users\stratos
2019-03-27 18:42 - 2010-11-21 10:38 - 000000000 ____D C:\Users\stratos\AppData\Roaming\Media Center Programs
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default\Šablony
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default\Poslední
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default\Okolní síť
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default\Dokumenty
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default\Data aplikací
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\ProgramData\Šablony
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\ProgramData\Plocha
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\ProgramData\Oblíbené položky
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\ProgramData\Dokumenty
2019-03-27 18:41 - 2019-03-27 18:41 - 000000000 _SHDL C:\ProgramData\Data aplikací
2019-03-27 18:40 - 2019-03-27 18:40 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2019-03-27 18:40 - 2019-03-27 18:40 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2019-03-27 18:39 - 2019-03-27 18:39 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2019-03-27 18:38 - 2019-03-27 18:42 - 000000000 ____D C:\Windows\Panther
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-30 08:11 - 2009-07-14 05:45 - 000021264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-03-30 08:11 - 2009-07-14 05:45 - 000021264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-03-30 08:09 - 2010-11-21 10:27 - 000622422 _____ C:\Windows\system32\perfh005.dat
2019-03-30 08:09 - 2010-11-21 10:27 - 000118604 _____ C:\Windows\system32\perfc005.dat
2019-03-30 08:09 - 2009-07-14 06:13 - 001445734 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-30 08:09 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-03-30 08:04 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-28 17:43 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-03-28 15:57 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2019-03-27 19:42 - 2009-07-14 04:20 - 000000000 __RHD C:\Users\Public\Libraries
2019-03-27 18:41 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Windows NT
2019-03-27 18:40 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-03-27 18:40 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\sysprep
2019-03-27 18:38 - 2009-07-14 05:45 - 000274736 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-27 18:37 - 2009-07-14 06:32 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2019-03-27 18:37 - 2009-07-14 05:45 - 000000000 ____D C:\Windows\Setup
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2019-03-27 19:03
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by stratos (30-03-2019 08:15:52)
Running from C:\Users\stratos\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2019-03-27 17:42:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2028103741-66547598-1420609312-500 - Administrator - Disabled)
Guest (S-1-5-21-2028103741-66547598-1420609312-501 - Limited - Disabled)
stratos (S-1-5-21-2028103741-66547598-1420609312-1000 - Administrator - Enabled) => C:\Users\stratos
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.3.2369 - AVAST Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Mozilla Firefox 66.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.2 (x64 cs)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.2 - Mozilla)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1671DEC3-7BC3-4387-A573-EFA9A8B119B5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {18FF3071-C545-4AF9-B878-9BEF9921617D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {23E09283-E85E-4862-A57A-B1F5C8DD276C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {F1F9B29D-5670-4EDC-B0FA-895F0A594B33} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) ==============
2019-03-29 17:14 - 2019-03-30 08:08 - 001121280 _____ (ESET) [File not signed] C:\Users\stratos\AppData\Local\ESET\ESETOnlineScanner\esets_apiW_a.DLL
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2028103741-66547598-1420609312-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\stratos\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.88.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8D925DB6-3281-4795-B586-0E8ACB1DE694}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4D013277-6410-4187-9CE4-443C260E7804}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F96ACD94-407A-4BC6-9179-F0FF5E33FF66}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
27-03-2019 19:10:34 Naplánovaný kontrolní bod
27-03-2019 19:40:59 Instalováno Realtek Ethernet Controller Driver
28-03-2019 15:43:17 Windows Update
==================== Faulty Device Manager Devices =============
Name: Řadič USB (Universal Serial Bus)
Description: Řadič USB (Universal Serial Bus)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/30/2019 08:15:19 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <
http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.
Error: (03/30/2019 08:15:19 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.
Error: (03/30/2019 08:15:19 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.
Error: (03/30/2019 08:15:19 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.
Error: (03/30/2019 08:15:19 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.
Error: (03/30/2019 08:15:19 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.
Error: (03/30/2019 08:15:19 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.
Error: (03/30/2019 08:15:19 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.
System errors:
=============
Error: (03/30/2019 08:09:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (03/30/2019 08:09:03 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\Users\stratos\AppData\Local\Temp\ehdrv.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
Error: (03/30/2019 08:09:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (03/30/2019 08:09:03 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\Users\stratos\AppData\Local\Temp\ehdrv.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
Error: (03/30/2019 08:09:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (03/30/2019 08:09:03 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\Users\stratos\AppData\Local\Temp\ehdrv.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
Error: (03/30/2019 08:09:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (03/30/2019 08:09:03 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\Users\stratos\AppData\Local\Temp\ehdrv.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
==================== Memory info ===========================
Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 59%
Total physical RAM: 8173.43 MB
Available physical RAM: 3320.87 MB
Total Virtual: 16345.06 MB
Available Virtual: 11594.22 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:223.47 GB) (Free:197.04 GB) NTFS
\\?\Volume{2682091b-50b7-11e9-ba97-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: DA83128E)
==================== End of Addition.txt ============================