Pop-up ads in the browser

Posted: 22 Sep 2015 20:32
by supervisor
On my girlfriend's laptop, a window with an ad pops up in the browser every little while, and it happens in all browsers.

FRST log

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-09-2015
Ran by Míša (administrator) on MÍŠA-PC (22-09-2015 21:28:02)
Running from C:\Users\Míša\Downloads
Loaded Profiles: Míša (Available Profiles: Míša)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Cinema PlusV17.08) C:\Program Files\CinemaP-1.9cV17.08\fd805d1e-abba-4789-9a46-8d2ea4467df1-1-6.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-26] (AVAST Software)
HKLM\...\Run: [ISBMgr.exe] => C:\Program Files\Sony\ISB Utility\ISBMgr.exe [311296 2007-11-21] (Sony Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2007-08-14] (Sony Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-08-11] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\..\Interfaces\{27EBEBF9-4D93-4465-A190-E031993E3DCD}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3409466872-446764647-380554783-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3409466872-446764647-380554783-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3409466872-446764647-380554783-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=16194
SearchScopes: HKU\S-1-5-21-3409466872-446764647-380554783-1000 -> {01E6CB2A-7CC4-4F52-AF89-102E8494EB50} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3409466872-446764647-380554783-1000 -> {5710CBBE-040E-4060-BA54-00FBD1D0A0FE} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-3409466872-446764647-380554783-1000 -> {6DF57F23-0AF9-446E-A9D8-4D3FB7153596} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3409466872-446764647-380554783-1000 -> {77DCB513-A3C6-43F5-B8AA-149BA85C86D7} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3409466872-446764647-380554783-1000 -> {8341AC0B-2569-40D7-BA5A-822C1E4554E5} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3409466872-446764647-380554783-1000 -> {A8824F5F-7F90-4421-BCB5-256AD335254C} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-3409466872-446764647-380554783-1000 -> {AB4C2A44-8AAA-4C9C-986C-971F0652E574} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-3409466872-446764647-380554783-1000 -> {D387345A-A149-4418-8189-76E976D00481} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3409466872-446764647-380554783-1000 -> {D86633F8-E177-4F8A-9C77-EB8808116F7B} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-11] (AVAST Software)

FireFox:
========
FF ProfilePath: C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\1l2i5rjh.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [No File]
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [No File]
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [No File]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Extension: CinemaP-1.9cV17.08 - C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\1l2i5rjh.default\Extensions\AVJYFVOD75109374@HCDE39471360.com [2015-09-22]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-10]
FF Extension: No Name - C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\1l2i5rjh.default\extensions\AVJYFVOD75109374@HCDE39471360.com [not found]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-08-28]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-10]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-10]

Opera:
=======
OPR Extension: (CinemaP-1.9cV17.08) - C:\Users\Míša\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-08-17]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-11] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-08-11] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-08-11] (Avast Software)
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182392 2007-08-14] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-08-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26096 2015-08-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-08-11] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2015-05-15] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [256160 2015-08-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-08-11] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-08-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788784 2015-08-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433264 2015-08-11] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [161472 2015-08-11] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-08-11] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-08-11] (AVAST Software)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-08-11] (AVAST Software)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [818688 2007-11-16] (Texas Instruments)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-08-11] (Avast Software)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\MA7580~1\AppData\Local\Temp\catchme.sys [X]
S3 cpuz134; \??\C:\Users\MA7580~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-22 21:24 - 2015-09-22 21:26 - 00023857 _____ C:\Users\Míša\Downloads\Addition.txt
2015-09-22 21:23 - 2015-09-22 21:28 - 00011600 _____ C:\Users\Míša\Downloads\FRST.txt
2015-09-22 21:23 - 2015-09-22 21:28 - 00000000 ____D C:\FRST
2015-09-22 21:23 - 2015-09-22 21:23 - 01695232 _____ (Farbar) C:\Users\Míša\Downloads\FRST.exe
2015-09-22 21:22 - 2015-09-22 21:22 - 00772016 _____ (Reimage®) C:\Users\Míša\Downloads\reimagerepair(2).exe
2015-09-22 21:00 - 2015-09-22 21:15 - 00003726 _____ C:\Users\Míša\Downloads\hijackthis.log
2015-09-22 21:00 - 2015-09-22 21:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\Míša\Downloads\HijackThis.exe
2015-09-22 19:19 - 2015-09-22 19:19 - 00000000 ___SD C:\ComboFix
2015-09-22 19:19 - 2015-09-22 19:19 - 00000000 ___SD C:\32788R22FWJFW
2015-09-22 19:12 - 2015-09-22 19:12 - 00013267 _____ C:\ComboFix.txt
2015-09-22 19:01 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-09-22 19:01 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-09-22 19:01 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-09-22 19:01 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-09-22 19:01 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-09-22 19:01 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-09-22 19:01 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-09-22 19:01 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-09-22 19:00 - 2015-09-22 19:19 - 00000000 ____D C:\Qoobox
2015-09-22 18:59 - 2015-09-22 19:10 - 00000000 ____D C:\Windows\erdnt
2015-09-22 18:59 - 2015-09-22 18:59 - 05635484 ____R (Swearware) C:\Users\Míša\Downloads\ComboFix.exe
2015-09-22 18:41 - 2015-09-22 18:41 - 00000858 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-22 18:41 - 2015-09-22 18:41 - 00000846 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-09-22 18:41 - 2015-09-22 18:41 - 00000000 ____D C:\Users\Míša\AppData\Roaming\Mozilla
2015-09-22 18:41 - 2015-09-22 18:41 - 00000000 ____D C:\Users\Míša\AppData\Local\Mozilla
2015-09-22 18:41 - 2015-09-22 18:41 - 00000000 ____D C:\ProgramData\Mozilla
2015-09-22 18:41 - 2015-09-22 18:41 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-09-22 18:40 - 2015-07-07 16:25 - 00000000 ____D C:\Users\Míša\Desktop\firefox
2015-09-20 12:46 - 2015-08-13 16:15 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-09-20 12:46 - 2015-08-13 16:15 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-09-20 12:45 - 2015-09-02 23:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-20 12:45 - 2015-09-02 23:26 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-20 12:43 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-20 12:41 - 2015-09-02 23:26 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-20 12:41 - 2015-09-02 21:55 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-20 12:41 - 2015-09-02 21:54 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-20 12:41 - 2015-08-05 17:59 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-16 08:57 - 2015-08-17 19:18 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-16 08:57 - 2015-08-17 19:17 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-16 08:57 - 2015-08-17 19:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-16 08:57 - 2015-08-17 19:13 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-16 08:57 - 2015-08-17 19:12 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-16 08:57 - 2015-08-17 19:12 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-16 08:57 - 2015-08-17 19:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-16 08:57 - 2015-08-17 19:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-16 08:57 - 2015-08-17 19:10 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-16 08:57 - 2015-08-17 19:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-16 08:57 - 2015-08-17 19:10 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-16 08:57 - 2015-08-17 19:10 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-16 08:57 - 2015-08-17 19:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-09-16 08:57 - 2015-08-17 19:10 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-16 08:57 - 2015-08-17 19:10 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-16 08:57 - 2015-08-17 19:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-16 08:57 - 2015-08-17 19:10 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-16 08:57 - 2015-08-17 19:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-16 08:57 - 2015-08-17 19:10 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-09-16 08:57 - 2015-08-17 19:10 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-09-16 08:57 - 2015-08-17 19:10 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-09-16 08:57 - 2015-08-17 19:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-16 07:40 - 2015-09-22 20:07 - 00011596 _____ C:\Windows\PFRO.log
2015-09-15 14:43 - 2015-09-15 14:43 - 00242912 _____ C:\Users\Míša\Downloads\Firefox Setup Stub 40.0.3.exe
2015-09-15 14:09 - 2015-09-15 14:09 - 00000000 ____D C:\Users\Míša\Desktop\Původní data aplikace Firefox
2015-09-03 08:05 - 2015-09-14 08:08 - 00000148 _____ C:\Windows\Reimage.ini
2015-09-03 08:04 - 2015-09-03 08:05 - 00772016 _____ (Reimage®) C:\Users\Míša\Downloads\ReimageRepair(1).exe
2015-09-03 07:51 - 2015-09-03 07:52 - 00772016 _____ (Reimage®) C:\Users\Míša\Downloads\ReimageRepair.exe
2015-08-28 14:28 - 2015-09-22 18:41 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-22 21:21 - 2006-11-02 14:47 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-22 21:21 - 2006-11-02 14:47 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-22 21:16 - 2009-04-11 14:37 - 01714242 _____ C:\Windows\WindowsUpdate.log
2015-09-22 21:15 - 2015-08-17 17:15 - 00003118 _____ C:\Windows\Tasks\fd805d1e-abba-4789-9a46-8d2ea4467df1-1-6.job
2015-09-22 21:14 - 2015-08-17 17:14 - 00005498 _____ C:\Windows\Tasks\fd805d1e-abba-4789-9a46-8d2ea4467df1-6.job
2015-09-22 21:00 - 2015-04-10 08:00 - 00000000 ____D C:\Users\Míša\AppData\Local\VirtualStore
2015-09-22 20:07 - 2015-08-17 17:15 - 00004138 _____ C:\Windows\Tasks\fd805d1e-abba-4789-9a46-8d2ea4467df1-4.job
2015-09-22 20:07 - 2015-08-17 17:15 - 00003118 _____ C:\Windows\Tasks\fd805d1e-abba-4789-9a46-8d2ea4467df1-1-7.job
2015-09-22 20:07 - 2015-08-17 17:15 - 00002426 _____ C:\Windows\Tasks\fd805d1e-abba-4789-9a46-8d2ea4467df1-5.job
2015-09-22 20:07 - 2015-08-17 17:14 - 00005164 _____ C:\Windows\Tasks\fd805d1e-abba-4789-9a46-8d2ea4467df1-11.job
2015-09-22 20:07 - 2015-08-17 17:14 - 00005162 _____ C:\Windows\Tasks\fd805d1e-abba-4789-9a46-8d2ea4467df1-7.job
2015-09-22 20:07 - 2015-08-17 17:13 - 00004138 _____ C:\Windows\Tasks\fd805d1e-abba-4789-9a46-8d2ea4467df1-3.job
2015-09-22 20:07 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-22 19:24 - 2015-04-10 07:53 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-09-22 19:24 - 2006-11-02 15:01 - 00032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-22 19:12 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Default
2015-09-22 19:12 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2015-09-22 19:10 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini
2015-09-22 19:09 - 2015-08-17 17:14 - 00000000 ____D C:\Program Files\1c1ee5ff-506b-4738-995c-9df6e82731c4
2015-09-22 19:09 - 2015-08-17 17:13 - 00000000 ____D C:\Program Files\CinemaP-1.9cV17.08
2015-09-22 19:09 - 2015-04-12 16:56 - 00000000 ____D C:\Program Files\Apple Software Update
2015-09-22 18:33 - 2015-04-10 21:15 - 00000000 ____D C:\Program Files\The KMPlayer
2015-09-22 18:08 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-09-21 09:38 - 2009-04-13 11:32 - 01418230 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-21 09:10 - 2015-04-12 09:14 - 00002673 _____ C:\Users\Míša\Desktop\Microsoft Office Word 2003.lnk
2015-09-21 08:59 - 2015-07-08 13:49 - 367052800 _____ C:\Users\Míša\Downloads\5x05-Dr.-House..avi
2015-09-21 08:59 - 2015-07-08 13:26 - 367065088 _____ C:\Users\Míša\Downloads\5x07-Dr.-House..avi
2015-09-20 16:20 - 2015-04-27 08:01 - 00000000 ____D C:\Users\Míša\AppData\Local\Apple Computer
2015-09-20 13:30 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-09-20 13:10 - 2006-11-02 14:47 - 00345448 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-20 13:07 - 2015-08-17 17:11 - 00000000 ____D C:\Program Files\Opera
2015-09-20 13:04 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-20 12:33 - 2015-04-10 12:39 - 00000000 ____D C:\Windows\system32\MRT
2015-09-15 14:33 - 2015-04-28 09:06 - 00000000 ____D C:\Program Files\Google
2015-09-15 14:32 - 2015-08-17 17:15 - 00000000 ____D C:\Users\Míša\AppData\Roaming\Seznam.cz
2015-09-15 14:32 - 2015-04-28 09:06 - 00000000 ____D C:\Users\Míša\AppData\Local\Google
2015-09-10 18:40 - 2015-04-10 09:56 - 00100864 _____ C:\Users\Míša\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-02 10:27 - 2015-04-19 14:20 - 00000626 _____ C:\Users\Míša\AppData\Roaming\pl57zk8307h5UTVM8pJ3T
2015-08-26 18:36 - 2006-11-02 12:24 - 132039072 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

==================== Files in the root of some directories =======

2015-04-19 14:20 - 2015-09-02 10:27 - 0000626 _____ () C:\Users\Míša\AppData\Roaming\pl57zk8307h5UTVM8pJ3T
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Míša\AppData\Roaming\pl57zk8307h5UTVM8pJ3T.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Míša\AppData\Roaming\YzSbCbeczPcWe7sA
2015-04-10 08:00 - 2015-04-10 08:22 - 0000680 _____ () C:\Users\Míša\AppData\Local\d3d9caps.dat
2015-04-10 09:56 - 2015-09-10 18:40 - 0100864 _____ () C:\Users\Míša\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-22 20:13

==================== End of FRST.txt ============================

Re: Pop-up ads in the browser

Posted: 22 Sep 2015 21:20
by Rudy
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Pop-up ads in the browser

Posted: 22 Sep 2015 21:44
by supervisor
# AdwCleaner v5.008 - Logfile created 22/09/2015 at 22:38:16
# Updated 18/09/2015 by Xplode
# Database : 2015-09-22.3 [Server]
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Username : Míša - MÍŠA-PC
# Running from : C:\Users\Míša\Downloads\adwcleaner_5.008.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\globalUpdate
[-] Folder Deleted : C:\Program Files\CinemaP-1.9cV17.08
[-] Folder Deleted : C:\Users\Míša\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Míša\AppData\Roaming\RHEng
[-] Folder Deleted : C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\1l2i5rjh.default\Extensions\AVJYFVOD75109374@HCDE39471360.com

***** [ Files ] *****

[-] File Deleted : C:\Windows\Reimage.ini

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : ReimageUpdater
[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-1-6
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-1-7
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-11
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-3
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-4
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-5
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-5_user
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-6
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-7
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-1-6
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-1-7
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-11
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-3
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-4
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-5
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-6
[-] Task Deleted : fd805d1e-abba-4789-9a46-8d2ea4467df1-7

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\Crossbrowse
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\CinemaP-1.9cV17.08
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\Reimage
[-] Key Deleted : HKLM\SOFTWARE\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\CinemaP-1.9cV17.08
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\CinemaP-1.9cV17.08
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_

***** [ Web browsers ] *****

[-] [C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\1l2i5rjh.default\prefs.js] [Preference] Deleted : user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%22%2C%22anth[...]
[-] [C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\1l2i5rjh.default\prefs.js] [Preference] Deleted : user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%[...]
[-] [C:\Users\Míša\AppData\Roaming\Mozilla\Firefox\Profiles\1l2i5rjh.default\prefs.js] [Preference] Deleted : user_pref("extensions.crossrider.bic", "14ff60b206bcc02b043c794e1858f791");

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [10006 bytes] ##########

Re: Pop-up ads in the browser

Posted: 23 Sep 2015 17:14
by Rudy
Post a new FRST log.