VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Vyskakující okna v chromu

https://forum.viry.cz:443/viewtopic.php?t=146024

Stránka 1 z 2

Vyskakující okna v chromu

Napsal: 13 zář 2015 09:28
od industrol
Dobrý den, problém jsou vyskakující okna v chromu.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:12-09-2015
Ran by admin (administrator) on TRT-D02A6EEC194 (13-09-2015 10:22:12)
Running from C:\Documents and Settings\admin\Plocha
Loaded Profiles: admin (Available Profiles: admin)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Apple Inc.) C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe
(Pinnacle Systems GmbH) C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
(Logitech Inc.) C:\Program Files\Logitech\Video\CameraAssistant.exe
(Logitech Inc.) C:\WINDOWS\system32\ElkCtrl.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 2.1\program\soffice.bin
(Software602 a.s.) C:\Program Files\Common Files\Soft602\602updsvc\602updsvc.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16844800 2007-09-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe [417792 2009-10-13] (Apple Inc.)
HKLM\...\Run: [USBToolTip] => C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
HKLM\...\Run: [Print2PDF Print Monitor] => C:\Program Files\Software602\Print2PDF\Print2PDF.exe [220992 2011-10-04] (Software602)
HKLM\...\Run: [LogitechCameraAssistant] => C:\Program Files\Logitech\Video\CameraAssistant.exe [489472 2005-12-07] (Logitech Inc.)
HKLM\...\Run: [LogitechVideo[inspector]] => C:\Program Files\Logitech\Video\InstallHelper.exe [73728 2005-12-07] (Logitech Inc.)
HKLM\...\Run: [LogitechCameraService(E)] => C:\WINDOWS\system32\ElkCtrl.exe [262144 2004-11-01] (Logitech Inc.)
HKLM\...\Run: [ROC_ROC_JULY_P1] => "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2569616 2010-07-26] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenuEx] => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1316248 2010-12-02] (CANON INC.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [UpdatePDRShortCut] => C:\Program Files\CyberLink\PowerDirector10\MUITransfer\MUIStartMenu.exe [222504 2010-09-17] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] => C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [223096 2012-04-17] (CyberLink Corp.)
HKU\S-1-5-21-436374069-776561741-682003330-1004\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [484904 2007-05-15] (Hewlett-Packard Company)
HKU\S-1-5-21-436374069-776561741-682003330-1004\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-06-01] (Nero AG)
HKU\S-1-5-21-436374069-776561741-682003330-1004\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
Startup: C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.1.lnk [2008-05-22]
ShortcutTarget: OpenOffice.org 2.1.lnk -> C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{D8083467-C575-475C-8051-432C4C02BE6D}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-436374069-776561741-682003330-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.cz/
HKU\S-1-5-21-436374069-776561741-682003330-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-436374069-776561741-682003330-1004\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
SearchScopes: HKLM -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://www.webhledani.cz/results.aspx?i=39&tp= ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-436374069-776561741-682003330-1004 -> {0A4D55B6-13FF-431E-9E8E-8B4B01F2BA1C} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
SearchScopes: HKU\S-1-5-21-436374069-776561741-682003330-1004 -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://www.webhledani.cz/results.aspx?i=39&tp= ... earchTerms}
Toolbar: HKU\S-1-5-21-436374069-776561741-682003330-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2010-09-09] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-436374069-776561741-682003330-1004 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1237926463250
DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} hxxp://www.cortona3d.com/bin/cortvrml.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-15] (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2015-01-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2015-01-28] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-436374069-776561741-682003330-1004: @kb-ext.cz/PKIComponent -> C:\Documents and Settings\admin\Data aplikací\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll [2013-09-26] (Komerční banka, a.s.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-08]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://google.cz/", "hxxps://www.google.cz/"
CHR DefaultSearchURL: Default -> hxxp://www.google.cz/search?hl=cs&source=hp&q= ... q=0&oq=bli
CHR DefaultSearchKeyword: Default -> google.cz_
CHR Plugin: (Shockwave Flash
"path": "C:\\Program Files\\Google\\Chrome\\Application\\40.0.2214.93\\PepperFlash\\pepflashplayer.dll") - "name": "Shockwave Flash",
C:\Program Files\Google\Chrome\Application\40.0.2214.93\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Native Client
"path": "C:\\Program Files\\Google\\Chrome\\Application\\40.0.2214.93\\ppGoogleNaClPluginChrome.dll") - "name": "Native Client",
C:\Program Files\Google\Chrome\Application\40.0.2214.93\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer
"path": "C:\\Program Files\\Google\\Chrome\\Application\\40.0.2214.93\\pdf.dll") - "name": "Chrome PDF Viewer",
C:\Program Files\Google\Chrome\Application\40.0.2214.93\pdf.dll => No File
CHR Plugin: (Skype Click to Call
"path": "C:\\Documents and Settings\\admin\\Local Settings\\Data aplikací\\Google\\Chrome\\User Data\\Default\\Extensions\\lifbcibllhkdhoafpjfnlhfpfgnpldfl\\6.6.0.11664_0\\npSkypeChromePlugin.dll") - "name": "Skype Click to Call",
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\npSkypeChromePlugin.dll => No File
CHR Plugin: (Adobe Acrobat
"path": "C:\\Program Files\\Adobe\\Reader 10.0\\Reader\\Browser\\nppdf32.dll") - "name": "Adobe Acrobat",
C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U12
"path": "C:\\Program Files\\Java\\jre6\\bin\\new_plugin\\npjp2.dll") - "name": "Java(TM) Platform SE 6 U12",
C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (Microsoft® DRM
"path": "C:\\Program Files\\Windows Media Player\\npdrmv2.dll") - "name": "Microsoft® DRM",
C:\Program Files\Windows Media Player\npdrmv2.dll => No File
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library
"path": "C:\\Program Files\\Windows Media Player\\npdsplay.dll") - "name": "Windows Media Player Plug-in Dynamic Link Library",
C:\Program Files\Windows Media Player\npdsplay.dll => No File
CHR Plugin: (Microsoft® DRM
"path": "C:\\Program Files\\Windows Media Player\\npwmsdrm.dll") - "name": "Microsoft® DRM",
C:\Program Files\Windows Media Player\npwmsdrm.dll => No File
CHR Plugin: (Google Update
"path": "C:\\Program Files\\Google\\Update\\1.3.21.123\\npGoogleUpdate3.dll") - "name": "Google Update",
C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Plugin: (Software602 Form Filler
"path": "C:\\Program Files\\Software602\\602XML\\Filler\\npfiller.dll") - "name": "Software602 Form Filler",
C:\Program Files\Software602\602XML\Filler\npfiller.dll => No File
CHR Plugin: (Shockwave Flash
"path": "C:\\WINDOWS\\system32\\Macromed\\Flash\\NPSWF32_11_5_502_149.dll") - "name": "Shockwave Flash",
C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.110.21
"path": "C:\\WINDOWS\\system32\\npDeployJava1.dll") - "name": "Java Deployment Toolkit 7.0.110.21",
C:\WINDOWS\system32\npDeployJava1.dll => No File
CHR Plugin: (Silverlight Plug-In
"path": "c:\\Program Files\\Microsoft Silverlight\\4.1.10329.0\\npctrl.dll") - "name": "Silverlight Plug-In",
c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Plugin: (Windows Presentation Foundation
"path": "c:\\WINDOWS\\Microsoft.NET\\Framework\\v3.5\\Windows Presentation Foundation\\NPWPF.dll") - "name": "Windows Presentation Foundation",
c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll => No File
CHR Profile: C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-17]
CHR Extension: (YouTube) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-17]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-17]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (Gmail) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2009-12-08] (Macrovision Europe Ltd.) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [137680 2010-07-27] ()
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [303104 2007-10-15] (Motive Communications, Inc.) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 602SQL 8 FastCGI Client; c:\Program Files\webgencz\602FSVC8.EXE [X]
S2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AVerPola; C:\WINDOWS\System32\DRIVERS\AVerPola.sys [665984 2012-11-01] (AVerMedia TECHNOLOGIES, Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 gdrv; C:\WINDOWS\gdrv.sys [16376 2008-05-22] (Windows (R) 2000 DDK provider)
R3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 cpuz134; \??\C:\WINDOWS\TEMP\cpuz134\cpuz134_x32.sys [X]
S3 cpuz136; \??\C:\DOCUME~1\admin\LOCALS~1\Temp\cpuz136\cpuz136_x32.sys [X]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: uioqhbbuz -> no filepath.
NETSVC: ofifxadw -> no filepath.

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-13 10:22 - 2015-09-13 10:22 - 00019615 _____ C:\Documents and Settings\admin\Plocha\FRST.txt
2015-09-04 08:47 - 2015-09-13 10:21 - 00000000 ____D C:\Documents and Settings\admin\Plocha\FRST-OlderVersion
2015-08-23 17:14 - 2015-09-12 10:21 - 00000000 ____D C:\Documents and Settings\admin\Plocha\chrudimka
2015-08-21 09:14 - 2015-09-04 19:30 - 00000000 ____D C:\AdwCleaner
2015-08-21 09:14 - 2015-08-21 09:14 - 01605632 _____ C:\Documents and Settings\admin\Plocha\adwcleaner_5.003.exe
2015-08-21 08:33 - 2015-09-13 10:22 - 00000000 ____D C:\FRST
2015-08-21 08:30 - 2015-09-13 10:21 - 01692160 _____ (Farbar) C:\Documents and Settings\admin\Plocha\FRST.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-13 10:22 - 2008-05-22 20:50 - 00000000 ____D C:\Documents and Settings\admin\Plocha
2015-09-13 10:22 - 2008-05-22 20:50 - 00000000 ____D C:\Documents and Settings\admin\Local Settings\Temp
2015-09-13 10:18 - 2015-01-28 13:13 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-13 09:37 - 2008-05-22 20:45 - 01462171 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-13 09:35 - 2015-01-28 13:13 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-13 09:35 - 2014-03-18 09:50 - 00000222 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-09-13 09:35 - 2008-05-22 22:30 - 00000157 _____ C:\WINDOWS\wiadebug.log
2015-09-13 09:35 - 2008-05-22 22:30 - 00000049 _____ C:\WINDOWS\wiaservc.log
2015-09-13 09:35 - 2008-05-22 21:13 - 00000000 ____D C:\Documents and Settings\admin\Data aplikací\OpenOffice.org2
2015-09-13 09:35 - 2008-05-22 20:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-12 10:21 - 2008-05-22 20:50 - 00000178 ___SH C:\Documents and Settings\admin\ntuser.ini
2015-09-12 10:21 - 2008-05-22 20:49 - 00032528 _____ C:\WINDOWS\SchedLgU.Txt
2015-09-12 07:38 - 2015-08-12 07:44 - 00000024 _____ C:\Documents and Settings\admin\Data aplikací\appdataFr25.bin
2015-09-12 07:36 - 2006-03-02 14:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2015-09-11 07:43 - 2014-12-09 13:46 - 00000000 ____D C:\Documents and Settings\admin\Plocha\stahovani TOM
2015-09-09 07:08 - 2008-12-31 15:13 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-09-09 07:06 - 2013-07-17 20:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-08 17:00 - 2008-05-22 21:13 - 00002573 _____ C:\Documents and Settings\admin\Plocha\OpenOffice.org Writer.lnk
2015-09-08 16:40 - 2008-12-31 15:18 - 00002481 _____ C:\Documents and Settings\admin\Plocha\Microsoft Office PowerPoint 2007.lnk
2015-09-08 07:52 - 2015-02-10 11:20 - 00000000 ____D C:\UCTO2015
2015-09-01 07:49 - 2014-01-07 12:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2015-08-31 08:09 - 2015-04-24 14:03 - 00000000 ___RD C:\Documents and Settings\admin\Plocha\FU-podání- certifikat-15
2015-08-31 08:07 - 2008-05-22 20:50 - 00000000 ___RD C:\Documents and Settings\admin\Dokumenty
2015-08-31 07:46 - 2008-05-22 22:27 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-08-31 07:44 - 2009-01-04 21:54 - 00000000 ____D C:\Program Files\DG
2015-08-31 07:44 - 2008-05-22 22:27 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-08-26 18:36 - 2008-05-22 21:36 - 132039072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-26 16:58 - 2013-12-01 13:52 - 00000000 ____D C:\Documents and Settings\admin\Plocha\šmoula
2015-08-24 19:08 - 2014-05-25 09:27 - 00000000 ____D C:\Documents and Settings\admin\Plocha\FU-stažení-potvrzení
2015-08-22 12:27 - 2008-07-09 19:22 - 00000000 ____D C:\Trifid
2015-08-21 21:08 - 2010-07-15 11:58 - 00000000 ____D C:\Documents and Settings\admin\KBCertifikat--15-
2015-08-21 21:08 - 2008-05-22 20:50 - 00000000 ____D C:\Documents and Settings\admin
2015-08-21 09:11 - 2015-06-27 07:22 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-21 09:05 - 2008-05-22 20:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp
2015-08-16 09:39 - 2015-05-24 10:16 - 01563223 _____ C:\Documents and Settings\admin\Plocha\světla.odt

==================== Files in the root of some directories =======

2015-08-12 07:44 - 2015-09-12 07:38 - 0000024 _____ () C:\Documents and Settings\admin\Data aplikací\appdataFr25.bin
2009-06-19 19:45 - 2015-03-24 23:06 - 0059904 _____ () C:\Documents and Settings\admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Documents and Settings\admin\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Re: Vyskakující okna v chromu

Napsal: 13 zář 2015 11:15
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Vyskakující okna v chromu

Napsal: 13 zář 2015 16:13
od industrol
# AdwCleaner v5.003 - Logfile created 13/09/2015 at 16:26:30
# Updated 20/08/2015 by Xplode
# Database : 2015-09-10.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : admin - TRT-D02A6EEC194
# Running from : C:\Documents and Settings\admin\Plocha\adwcleaner_5.003.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\Yahoo!\Companion

***** [ Files ] *****

[-] File Deleted : C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion

***** [ Web browsers ] *****


*************************

:: Proxy settings cleared
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [1555 bytes] ##########

Re: Vyskakující okna v chromu

Napsal: 13 zář 2015 16:28
od Rudy
Dejte nový log FRST.

Re: Vyskakující okna v chromu

Napsal: 13 zář 2015 17:02
od industrol
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:12-09-2015
Ran by admin (administrator) on TRT-D02A6EEC194 (13-09-2015 17:41:04)
Running from C:\Documents and Settings\admin\Plocha
Loaded Profiles: admin (Available Profiles: admin)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Apple Inc.) C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe
(Pinnacle Systems GmbH) C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
(Logitech Inc.) C:\Program Files\Logitech\Video\CameraAssistant.exe
(Logitech Inc.) C:\WINDOWS\system32\ElkCtrl.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 2.1\program\soffice.bin
(Software602 a.s.) C:\Program Files\Common Files\Soft602\602updsvc\602updsvc.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16844800 2007-09-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe [417792 2009-10-13] (Apple Inc.)
HKLM\...\Run: [USBToolTip] => C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
HKLM\...\Run: [Print2PDF Print Monitor] => C:\Program Files\Software602\Print2PDF\Print2PDF.exe [220992 2011-10-04] (Software602)
HKLM\...\Run: [LogitechCameraAssistant] => C:\Program Files\Logitech\Video\CameraAssistant.exe [489472 2005-12-07] (Logitech Inc.)
HKLM\...\Run: [LogitechVideo[inspector]] => C:\Program Files\Logitech\Video\InstallHelper.exe [73728 2005-12-07] (Logitech Inc.)
HKLM\...\Run: [LogitechCameraService(E)] => C:\WINDOWS\system32\ElkCtrl.exe [262144 2004-11-01] (Logitech Inc.)
HKLM\...\Run: [ROC_ROC_JULY_P1] => "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2569616 2010-07-26] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenuEx] => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1316248 2010-12-02] (CANON INC.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [UpdatePDRShortCut] => C:\Program Files\CyberLink\PowerDirector10\MUITransfer\MUIStartMenu.exe [222504 2010-09-17] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] => C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [223096 2012-04-17] (CyberLink Corp.)
HKU\S-1-5-21-436374069-776561741-682003330-1004\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [484904 2007-05-15] (Hewlett-Packard Company)
HKU\S-1-5-21-436374069-776561741-682003330-1004\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-06-01] (Nero AG)
HKU\S-1-5-21-436374069-776561741-682003330-1004\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
Startup: C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.1.lnk [2008-05-22]
ShortcutTarget: OpenOffice.org 2.1.lnk -> C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{D8083467-C575-475C-8051-432C4C02BE6D}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-436374069-776561741-682003330-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.cz/
HKU\S-1-5-21-436374069-776561741-682003330-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-436374069-776561741-682003330-1004\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
SearchScopes: HKLM -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://www.webhledani.cz/results.aspx?i=39&tp= ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-436374069-776561741-682003330-1004 -> {0A4D55B6-13FF-431E-9E8E-8B4B01F2BA1C} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
SearchScopes: HKU\S-1-5-21-436374069-776561741-682003330-1004 -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://www.webhledani.cz/results.aspx?i=39&tp= ... earchTerms}
Toolbar: HKU\S-1-5-21-436374069-776561741-682003330-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2010-09-09] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-436374069-776561741-682003330-1004 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1237926463250
DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} hxxp://www.cortona3d.com/bin/cortvrml.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-15] (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2015-01-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2015-01-28] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-436374069-776561741-682003330-1004: @kb-ext.cz/PKIComponent -> C:\Documents and Settings\admin\Data aplikací\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll [2013-09-26] (Komerční banka, a.s.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-08]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://google.cz/", "hxxps://www.google.cz/"
CHR DefaultSearchURL: Default -> hxxp://www.google.cz/search?hl=cs&source=hp&q= ... q=0&oq=bli
CHR DefaultSearchKeyword: Default -> google.cz_
CHR Plugin: (Shockwave Flash
"path": "C:\\Program Files\\Google\\Chrome\\Application\\40.0.2214.93\\PepperFlash\\pepflashplayer.dll") - "name": "Shockwave Flash",
C:\Program Files\Google\Chrome\Application\40.0.2214.93\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Native Client
"path": "C:\\Program Files\\Google\\Chrome\\Application\\40.0.2214.93\\ppGoogleNaClPluginChrome.dll") - "name": "Native Client",
C:\Program Files\Google\Chrome\Application\40.0.2214.93\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer
"path": "C:\\Program Files\\Google\\Chrome\\Application\\40.0.2214.93\\pdf.dll") - "name": "Chrome PDF Viewer",
C:\Program Files\Google\Chrome\Application\40.0.2214.93\pdf.dll => No File
CHR Plugin: (Skype Click to Call
"path": "C:\\Documents and Settings\\admin\\Local Settings\\Data aplikací\\Google\\Chrome\\User Data\\Default\\Extensions\\lifbcibllhkdhoafpjfnlhfpfgnpldfl\\6.6.0.11664_0\\npSkypeChromePlugin.dll") - "name": "Skype Click to Call",
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\npSkypeChromePlugin.dll => No File
CHR Plugin: (Adobe Acrobat
"path": "C:\\Program Files\\Adobe\\Reader 10.0\\Reader\\Browser\\nppdf32.dll") - "name": "Adobe Acrobat",
C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U12
"path": "C:\\Program Files\\Java\\jre6\\bin\\new_plugin\\npjp2.dll") - "name": "Java(TM) Platform SE 6 U12",
C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (Microsoft® DRM
"path": "C:\\Program Files\\Windows Media Player\\npdrmv2.dll") - "name": "Microsoft® DRM",
C:\Program Files\Windows Media Player\npdrmv2.dll => No File
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library
"path": "C:\\Program Files\\Windows Media Player\\npdsplay.dll") - "name": "Windows Media Player Plug-in Dynamic Link Library",
C:\Program Files\Windows Media Player\npdsplay.dll => No File
CHR Plugin: (Microsoft® DRM
"path": "C:\\Program Files\\Windows Media Player\\npwmsdrm.dll") - "name": "Microsoft® DRM",
C:\Program Files\Windows Media Player\npwmsdrm.dll => No File
CHR Plugin: (Google Update
"path": "C:\\Program Files\\Google\\Update\\1.3.21.123\\npGoogleUpdate3.dll") - "name": "Google Update",
C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Plugin: (Software602 Form Filler
"path": "C:\\Program Files\\Software602\\602XML\\Filler\\npfiller.dll") - "name": "Software602 Form Filler",
C:\Program Files\Software602\602XML\Filler\npfiller.dll => No File
CHR Plugin: (Shockwave Flash
"path": "C:\\WINDOWS\\system32\\Macromed\\Flash\\NPSWF32_11_5_502_149.dll") - "name": "Shockwave Flash",
C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.110.21
"path": "C:\\WINDOWS\\system32\\npDeployJava1.dll") - "name": "Java Deployment Toolkit 7.0.110.21",
C:\WINDOWS\system32\npDeployJava1.dll => No File
CHR Plugin: (Silverlight Plug-In
"path": "c:\\Program Files\\Microsoft Silverlight\\4.1.10329.0\\npctrl.dll") - "name": "Silverlight Plug-In",
c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Plugin: (Windows Presentation Foundation
"path": "c:\\WINDOWS\\Microsoft.NET\\Framework\\v3.5\\Windows Presentation Foundation\\NPWPF.dll") - "name": "Windows Presentation Foundation",
c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll => No File
CHR Profile: C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-17]
CHR Extension: (YouTube) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-17]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-17]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (Gmail) - C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2009-12-08] (Macrovision Europe Ltd.) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [137680 2010-07-27] ()
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [303104 2007-10-15] (Motive Communications, Inc.) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 602SQL 8 FastCGI Client; c:\Program Files\webgencz\602FSVC8.EXE [X]
S2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AVerPola; C:\WINDOWS\System32\DRIVERS\AVerPola.sys [665984 2012-11-01] (AVerMedia TECHNOLOGIES, Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 gdrv; C:\WINDOWS\gdrv.sys [16376 2008-05-22] (Windows (R) 2000 DDK provider)
R3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 cpuz134; \??\C:\WINDOWS\TEMP\cpuz134\cpuz134_x32.sys [X]
S3 cpuz136; \??\C:\DOCUME~1\admin\LOCALS~1\Temp\cpuz136\cpuz136_x32.sys [X]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: uioqhbbuz -> no filepath.
NETSVC: ofifxadw -> no filepath.

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-13 10:22 - 2015-09-13 17:41 - 00019615 _____ C:\Documents and Settings\admin\Plocha\FRST.txt
2015-09-04 08:47 - 2015-09-13 10:21 - 00000000 ____D C:\Documents and Settings\admin\Plocha\FRST-OlderVersion
2015-08-23 17:14 - 2015-09-12 10:21 - 00000000 ____D C:\Documents and Settings\admin\Plocha\chrudimka
2015-08-21 09:14 - 2015-09-13 16:26 - 00000000 ____D C:\AdwCleaner
2015-08-21 09:14 - 2015-08-21 09:14 - 01605632 _____ C:\Documents and Settings\admin\Plocha\adwcleaner_5.003.exe
2015-08-21 08:33 - 2015-09-13 17:41 - 00000000 ____D C:\FRST
2015-08-21 08:30 - 2015-09-13 10:21 - 01692160 _____ (Farbar) C:\Documents and Settings\admin\Plocha\FRST.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-13 17:41 - 2008-05-22 20:50 - 00000000 ____D C:\Documents and Settings\admin\Plocha
2015-09-13 17:41 - 2008-05-22 20:50 - 00000000 ____D C:\Documents and Settings\admin\Local Settings\Temp
2015-09-13 17:18 - 2015-01-28 13:13 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-13 16:28 - 2008-05-22 20:45 - 01472283 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-13 16:27 - 2015-01-28 13:13 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-13 16:27 - 2014-03-18 09:50 - 00000222 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-09-13 16:27 - 2008-05-22 22:30 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-09-13 16:27 - 2008-05-22 22:30 - 00000049 _____ C:\WINDOWS\wiaservc.log
2015-09-13 16:27 - 2008-05-22 21:13 - 00000000 ____D C:\Documents and Settings\admin\Data aplikací\OpenOffice.org2
2015-09-13 16:27 - 2008-05-22 20:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-13 16:26 - 2008-05-22 20:56 - 00000000 ____D C:\Program Files\Yahoo!
2015-09-13 16:26 - 2008-05-22 20:50 - 00000178 ___SH C:\Documents and Settings\admin\ntuser.ini
2015-09-13 16:26 - 2008-05-22 20:49 - 00032528 _____ C:\WINDOWS\SchedLgU.Txt
2015-09-12 07:38 - 2015-08-12 07:44 - 00000024 _____ C:\Documents and Settings\admin\Data aplikací\appdataFr25.bin
2015-09-12 07:36 - 2006-03-02 14:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2015-09-11 07:43 - 2014-12-09 13:46 - 00000000 ____D C:\Documents and Settings\admin\Plocha\stahovani TOM
2015-09-09 07:08 - 2008-12-31 15:13 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-09-09 07:06 - 2013-07-17 20:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-08 17:00 - 2008-05-22 21:13 - 00002573 _____ C:\Documents and Settings\admin\Plocha\OpenOffice.org Writer.lnk
2015-09-08 16:40 - 2008-12-31 15:18 - 00002481 _____ C:\Documents and Settings\admin\Plocha\Microsoft Office PowerPoint 2007.lnk
2015-09-08 07:52 - 2015-02-10 11:20 - 00000000 ____D C:\UCTO2015
2015-09-01 07:49 - 2014-01-07 12:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2015-08-31 08:09 - 2015-04-24 14:03 - 00000000 ___RD C:\Documents and Settings\admin\Plocha\FU-podání- certifikat-15
2015-08-31 08:07 - 2008-05-22 20:50 - 00000000 ___RD C:\Documents and Settings\admin\Dokumenty
2015-08-31 07:46 - 2008-05-22 22:27 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-08-31 07:44 - 2009-01-04 21:54 - 00000000 ____D C:\Program Files\DG
2015-08-31 07:44 - 2008-05-22 22:27 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-08-26 18:36 - 2008-05-22 21:36 - 132039072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-26 16:58 - 2013-12-01 13:52 - 00000000 ____D C:\Documents and Settings\admin\Plocha\šmoula
2015-08-24 19:08 - 2014-05-25 09:27 - 00000000 ____D C:\Documents and Settings\admin\Plocha\FU-stažení-potvrzení
2015-08-22 12:27 - 2008-07-09 19:22 - 00000000 ____D C:\Trifid
2015-08-21 21:08 - 2010-07-15 11:58 - 00000000 ____D C:\Documents and Settings\admin\KBCertifikat--15-
2015-08-21 21:08 - 2008-05-22 20:50 - 00000000 ____D C:\Documents and Settings\admin
2015-08-21 09:11 - 2015-06-27 07:22 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-21 09:05 - 2008-05-22 20:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp
2015-08-16 09:39 - 2015-05-24 10:16 - 01563223 _____ C:\Documents and Settings\admin\Plocha\světla.odt

==================== Files in the root of some directories =======

2015-08-12 07:44 - 2015-09-12 07:38 - 0000024 _____ () C:\Documents and Settings\admin\Data aplikací\appdataFr25.bin
2009-06-19 19:45 - 2015-03-24 23:06 - 0059904 _____ () C:\Documents and Settings\admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Documents and Settings\admin\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Re: Vyskakující okna v chromu

Napsal: 13 zář 2015 17:49
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
CHR dev: Chrome dev build detected! <======= ATTENTION
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\npSkypeChromePlugin.dll => No File
CHR Plugin: (Adobe Acrobat
"path": "C:\\Program Files\\Adobe\\Reader 10.0\\Reader\\Browser\\nppdf32.dll") - "name": "Adobe Acrobat",
C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U12
"path": "C:\\Program Files\\Java\\jre6\\bin\\new_plugin\\npjp2.dll") - "name": "Java(TM) Platform SE 6 U12",
C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (Microsoft® DRM
"path": "C:\\Program Files\\Windows Media Player\\npdrmv2.dll") - "name": "Microsoft® DRM",
C:\Program Files\Windows Media Player\npdrmv2.dll => No File
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library
"path": "C:\\Program Files\\Windows Media Player\\npdsplay.dll") - "name": "Windows Media Player Plug-in Dynamic Link Library",
C:\Program Files\Windows Media Player\npdsplay.dll => No File
CHR Plugin: (Microsoft® DRM
"path": "C:\\Program Files\\Windows Media Player\\npwmsdrm.dll") - "name": "Microsoft® DRM",
C:\Program Files\Windows Media Player\npwmsdrm.dll => No File
CHR Plugin: (Google Update
"path": "C:\\Program Files\\Google\\Update\\1.3.21.123\\npGoogleUpdate3.dll") - "name": "Google Update",
C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Plugin: (Software602 Form Filler
"path": "C:\\Program Files\\Software602\\602XML\\Filler\\npfiller.dll") - "name": "Software602 Form Filler",
C:\Program Files\Software602\602XML\Filler\npfiller.dll => No File
CHR Plugin: (Shockwave Flash
"path": "C:\\WINDOWS\\system32\\Macromed\\Flash\\NPSWF32_11_5_502_149.dll") - "name": "Shockwave Flash",
C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.110.21
"path": "C:\\WINDOWS\\system32\\npDeployJava1.dll") - "name": "Java Deployment Toolkit 7.0.110.21",
C:\WINDOWS\system32\npDeployJava1.dll => No File
CHR Plugin: (Silverlight Plug-In
"path": "c:\\Program Files\\Microsoft Silverlight\\4.1.10329.0\\npctrl.dll") - "name": "Silverlight Plug-In",
c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Plugin: (Windows Presentation Foundation
"path": "c:\\WINDOWS\\Microsoft.NET\\Framework\\v3.5\\Windows Presentation Foundation\\NPWPF.dll") - "name": "Windows Presentation Foundation",
c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll => No File
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
NETSVC: uioqhbbuz -> no filepath.
NETSVC: ofifxadw -> no filepath.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Documents and Settings\admin\Local Settings\Temp
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Vyskakující okna v chromu

Napsal: 13 zář 2015 18:01
od industrol
Fix result of Farbar Recovery Scan Tool (x86) Version:13-09-2015 01
Ran by admin (2015-09-13 19:00:57) Run:3
Running from C:\Documents and Settings\admin\Plocha
Loaded Profiles: admin (Available Profiles: admin)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CHR dev: Chrome dev build detected! <======= ATTENTION
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\npSkypeChromePlugin.dll => No File
CHR Plugin: (Adobe Acrobat
"path": "C:\\Program Files\\Adobe\\Reader 10.0\\Reader\\Browser\\nppdf32.dll") - "name": "Adobe Acrobat",
C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U12
"path": "C:\\Program Files\\Java\\jre6\\bin\\new_plugin\\npjp2.dll") - "name": "Java(TM) Platform SE 6 U12",
C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (Microsoft® DRM
"path": "C:\\Program Files\\Windows Media Player\\npdrmv2.dll") - "name": "Microsoft® DRM",
C:\Program Files\Windows Media Player\npdrmv2.dll => No File
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library
"path": "C:\\Program Files\\Windows Media Player\\npdsplay.dll") - "name": "Windows Media Player Plug-in Dynamic Link Library",
C:\Program Files\Windows Media Player\npdsplay.dll => No File
CHR Plugin: (Microsoft® DRM
"path": "C:\\Program Files\\Windows Media Player\\npwmsdrm.dll") - "name": "Microsoft® DRM",
C:\Program Files\Windows Media Player\npwmsdrm.dll => No File
CHR Plugin: (Google Update
"path": "C:\\Program Files\\Google\\Update\\1.3.21.123\\npGoogleUpdate3.dll") - "name": "Google Update",
C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Plugin: (Software602 Form Filler
"path": "C:\\Program Files\\Software602\\602XML\\Filler\\npfiller.dll") - "name": "Software602 Form Filler",
C:\Program Files\Software602\602XML\Filler\npfiller.dll => No File
CHR Plugin: (Shockwave Flash
"path": "C:\\WINDOWS\\system32\\Macromed\\Flash\\NPSWF32_11_5_502_149.dll") - "name": "Shockwave Flash",
C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.110.21
"path": "C:\\WINDOWS\\system32\\npDeployJava1.dll") - "name": "Java Deployment Toolkit 7.0.110.21",
C:\WINDOWS\system32\npDeployJava1.dll => No File
CHR Plugin: (Silverlight Plug-In
"path": "c:\\Program Files\\Microsoft Silverlight\\4.1.10329.0\\npctrl.dll") - "name": "Silverlight Plug-In",
c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Plugin: (Windows Presentation Foundation
"path": "c:\\WINDOWS\\Microsoft.NET\\Framework\\v3.5\\Windows Presentation Foundation\\NPWPF.dll") - "name": "Windows Presentation Foundation",
c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll => No File
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
NETSVC: uioqhbbuz -> no filepath.
NETSVC: ofifxadw -> no filepath.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Documents and Settings\admin\Local Settings\Temp
End



*****************

CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
"C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\npSkypeChromePlugin.dll => No File" => File/Folder not found.
"path": "C:\\Program Files\\Adobe\\Reader 10.0\\Reader\\Browser\\nppdf32.dll") - "name": "Adobe Acrobat", => Error: No automatic fix found for this entry.
"C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File" => File/Folder not found.
"path": "C:\\Program Files\\Java\\jre6\\bin\\new_plugin\\npjp2.dll") - "name": "Java(TM) Platform SE 6 U12", => Error: No automatic fix found for this entry.
"C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => No File" => File/Folder not found.
"path": "C:\\Program Files\\Windows Media Player\\npdrmv2.dll") - "name": "Microsoft® DRM", => Error: No automatic fix found for this entry.
"C:\Program Files\Windows Media Player\npdrmv2.dll => No File" => File/Folder not found.
"path": "C:\\Program Files\\Windows Media Player\\npdsplay.dll") - "name": "Windows Media Player Plug-in Dynamic Link Library", => Error: No automatic fix found for this entry.
"C:\Program Files\Windows Media Player\npdsplay.dll => No File" => File/Folder not found.
"path": "C:\\Program Files\\Windows Media Player\\npwmsdrm.dll") - "name": "Microsoft® DRM", => Error: No automatic fix found for this entry.
"C:\Program Files\Windows Media Player\npwmsdrm.dll => No File" => File/Folder not found.
"path": "C:\\Program Files\\Google\\Update\\1.3.21.123\\npGoogleUpdate3.dll") - "name": "Google Update", => Error: No automatic fix found for this entry.
"C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File" => File/Folder not found.
"path": "C:\\Program Files\\Software602\\602XML\\Filler\\npfiller.dll") - "name": "Software602 Form Filler", => Error: No automatic fix found for this entry.
"C:\Program Files\Software602\602XML\Filler\npfiller.dll => No File" => File/Folder not found.
"path": "C:\\WINDOWS\\system32\\Macromed\\Flash\\NPSWF32_11_5_502_149.dll") - "name": "Shockwave Flash", => Error: No automatic fix found for this entry.
"C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll => No File" => File/Folder not found.
"path": "C:\\WINDOWS\\system32\\npDeployJava1.dll") - "name": "Java Deployment Toolkit 7.0.110.21", => Error: No automatic fix found for this entry.
"C:\WINDOWS\system32\npDeployJava1.dll => No File" => File/Folder not found.
"path": "c:\\Program Files\\Microsoft Silverlight\\4.1.10329.0\\npctrl.dll") - "name": "Silverlight Plug-In", => Error: No automatic fix found for this entry.
"c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File" => File/Folder not found.
"path": "c:\\WINDOWS\\Microsoft.NET\\Framework\\v3.5\\Windows Presentation Foundation\\NPWPF.dll") - "name": "Windows Presentation Foundation", => Error: No automatic fix found for this entry.
"c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll => No File" => File/Folder not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully.
C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => moved successfully
IntelIde => service removed successfully.
WS2IFSL => service removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs uioqhbbuz => value removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ofifxadw => value removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Documents and Settings\admin\Local Settings\Temp => moved successfully

==== End of Fixlog 19:00:58 ====

Re: Vyskakující okna v chromu

Napsal: 13 zář 2015 18:37
od Rudy
Smazáno. Nastala nějaká změna?

Re: Vyskakující okna v chromu

Napsal: 13 zář 2015 19:26
od industrol
Bohužel problém stále trvá. Pomůže nějak při identifikaci, když v okně je napsánáno Ads by Max Adblock?

Re: Vyskakující okna v chromu

Napsal: 13 zář 2015 20:13
od Rudy
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Re: Vyskakující okna v chromu

Napsal: 13 zář 2015 21:18
od industrol
Při instalaci se vyskytla chyba a program nelze spustit. Bohužel nejde zřejmě kvůli chybě ani odinstalovat.

Re: Vyskakující okna v chromu

Napsal: 13 zář 2015 21:41
od Rudy
Na XP vám bude fungovat tato verze: http://en.softonic.com/s/malwarebytes-1.5.2 . Přehlédl jsem typ oper. systému. Omlouvám se.

Re: Vyskakující okna v chromu

Napsal: 14 zář 2015 08:23
od industrol
Při instalaci se vyskytla chyba a program nelze spustit. Ve vyhledávání je vezre 1.5.2, ale já tam našel ke stažení 2.1.8 . Možná je tedy chyba na mojí straně, ale jinou jsem nenašel.

Re: Vyskakující okna v chromu

Napsal: 14 zář 2015 16:43
od Rudy
Verze 2.x v XP nebude fungovat. Musíte mít verzi 1.5x. Zkuste tedy pohledat, nicméně z tohoto umístění se ta verze stahovala.

Re: Vyskakující okna v chromu

Napsal: 14 zář 2015 17:45
od industrol
Ze staršího tématu jsem našel tento odkaz:
http://www.bleepingcomputer.com/downloa ... re/dl/241/Neaktualizoval jsem, zůstala 1.75.x a pouze jsem aktualizoval virovou databázi.

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org

Verze: v2015.09.14.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
admin :: TRT-D02A6EEC194 [administrátor]

Ochrana: Zakázána

14.9.2015 18:10:09
MBAM-log-2015-09-14 (18-42-24).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 342134
Uplynulý čas: 11 minut, 46 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 3
HKCR\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5} (PUP.Optional.MultiPlug) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6A08B379-76FB-B4CF-0C70-CAFCD3635A77} (PUP.Optional.MultiPlug) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\SMARTBAR (PUP.Optional.SmartBar) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 1
HKCU\Software\Smartbar|GlobalUserId (PUP.Optional.SmartBar) -> Data: C584C8F6-15AE-410C-B64F-3D2ED4B97FA4 -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL|CheckedValue (PUM.Hijack.System.Hidden) -> Špatný: (0) Dobrý: (1) -> Nebyla provedena žádná instrukce.

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 6
C:\Program Files\AppendGeneration\AppendGeneration.dll (PUP.Optional.MultiPlug.PLY) -> Nebyla provedena žádná instrukce.
C:\Program Files\Utime\Utime.exe (PUP.Optional.MultiPlug) -> Nebyla provedena žádná instrukce.
C:\Program Files\Weather Europe Extension\Weather Europe Extension.exe (PUP.Optional.MultiPlug) -> Nebyla provedena žádná instrukce.
C:\Program Files\Goodness\Goodness.exe (Trojan.Agent) -> Nebyla provedena žádná instrukce.
C:\Program Files\Hover Zoom\Hover Zoom.exe (PUP.Optional.MultiPlug) -> Nebyla provedena žádná instrukce.
C:\SoftonicDownloader_for_samsung-kies.exe (PUP.Optional.SofTonic) -> Nebyla provedena žádná instrukce.

(konec)
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz