VIRY.CZ

Môžete mi niekto urobiť kontrolu logu? Počítač je uplne pomaly a často zamrza. Prosím o bližšie informácie. Ďakujem

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Rudy píše:Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Nedokážem stiahnuť z uvedeného webu aplikáciu. Za každým vypisujú prehliadače škodlivý súbor. Vypnul som aj antivírus a nejde to stiahnuť. Neexistuje nejaká iná možnosť stiahnutia, alebo ako pokračovať? Ďakujem za pomoc.

S vypnutým antivirem by to mělo jít stáhnout, vir to není, je to čistič. Jen se vašemu antiviru nelíbí. Zkuste zde: http://www.bleepingcomputer.com/downloa ... scan-tool/ .

Rudy píše:S vypnutým antivirem by to mělo jít stáhnout, vir to není, je to čistič. Jen se vašemu antiviru nelíbí. Zkuste zde: http://www.bleepingcomputer.com/downloa ... scan-tool/ .

Rozumiem, už sa podarilo.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by Lucia (administrator) on LUCIA-PC (05-01-2016 22:07:30)
Running from C:\Users\Lucia\Desktop
Loaded Profiles: Lucia (Available Profiles: Lucia)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\loggingserver.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [168152 2015-07-28] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3855272 2015-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
HKLM-x32\...\Run: [CLX3180_Scan2Pc] => C:\Windows\Twain_32\Samsung\CLX3180\Scan2pc.exe
HKLM-x32\...\Run: [3180 Scan2PC] => "C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe"
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2814864 2015-12-16] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1139112 2015-12-08] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3937307595-4248303218-1734061427-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{99D98D5A-8386-4335-BB11-77D8A2FC7958}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-3937307595-4248303218-1734061427-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={4F32ED48-F668-4F10-B0F0-C4832A24DCC6}&mid=c9cd0a4b6b1e47cd9e4a39d3c93ef9f2-84b57f8d5b49e01608e2f8e6921f550cb924739c&lang=sk&ds=AVG&coid=avgtbavg&cmpid=0615pi&pr=fr&d=2015-07-28 10:54:30&v=4.1.6.294&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-3937307595-4248303218-1734061427-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={4F32ED48-F668-4F10-B0F0-C4832A24DCC6}&mid=c9cd0a4b6b1e47cd9e4a39d3c93ef9f2-84b57f8d5b49e01608e2f8e6921f550cb924739c&lang=sk&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-07-28 10:54:30&v=4.1.6.294&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3937307595-4248303218-1734061427-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={4F32ED48-F668-4F10-B0F0-C4832A24DCC6}&mid=c9cd0a4b6b1e47cd9e4a39d3c93ef9f2-84b57f8d5b49e01608e2f8e6921f550cb924739c&lang=sk&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-07-28 10:54:30&v=4.1.6.294&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.4.155\AVG Web TuneUp.dll [2015-12-16] (AVG)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-07-09] (IObit)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Lucia\AppData\Roaming\Mozilla\Firefox\Profiles\a91pwsty.default
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.4\\npsitesafety.dll [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-28]
CHR Extension: (Dokumenty Google) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-28]
CHR Extension: (Disk Google) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabuľky Google) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-28]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Gmail) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-28]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3857272 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1049000 2015-12-08] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [229888 2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
R2 vToolbarUpdater40.2.4; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe [1923984 2015-12-16] (AVG Secure Search)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2015-12-16] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [256432 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-28] (REALiX(tm))
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2015-07-28] (Qualcomm Atheros Co., Ltd.)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2599128 2015-07-28] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-05 22:07 - 2016-01-05 22:21 - 00013261 _____ C:\Users\Lucia\Desktop\FRST.txt
2016-01-05 22:00 - 2016-01-05 22:07 - 00000000 ____D C:\FRST
2016-01-05 21:59 - 2016-01-05 21:59 - 02370560 _____ (Farbar) C:\Users\Lucia\Desktop\FRST64.exe
2016-01-05 19:08 - 2016-01-05 19:15 - 00000000 ____D C:\Users\Lucia\AppData\Local\Mozilla
2016-01-05 19:08 - 2016-01-05 19:09 - 00000000 ____D C:\Users\Lucia\AppData\Roaming\Mozilla
2016-01-05 19:06 - 2016-01-05 19:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-05 19:06 - 2016-01-05 19:06 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-05 19:06 - 2016-01-05 19:06 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-05 19:02 - 2016-01-05 19:04 - 46214608 _____ C:\Users\Lucia\Downloads\Firefox Setup 43.0.exe
2016-01-05 18:13 - 2016-01-05 18:13 - 00030723 _____ C:\Users\Lucia\Desktop\Vykecajsa.sk na webtrh.odt
2016-01-05 18:13 - 2016-01-05 18:13 - 00000111 ____H C:\Users\Lucia\Desktop\.~lock.Vykecajsa.sk na webtrh.odt#
2016-01-05 08:50 - 2016-01-05 13:58 - 00000111 ____H C:\Users\Lucia\Desktop\.~lock.Vykecajsa.sk---dokončené-1.doc#
2016-01-02 10:18 - 2016-01-02 10:18 - 11102289 _____ C:\Users\Lucia\Desktop\a-mello-bdelost.pdf
2015-12-26 09:21 - 2015-12-26 09:21 - 00002713 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-26 09:21 - 2015-12-26 09:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-19 09:31 - 2015-12-19 09:31 - 00013197 _____ C:\Users\Lucia\Desktop\0-popis-RAI-produkty-2015 (1).xlsx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-05 22:15 - 2015-07-28 20:35 - 00000000 ____D C:\Users\Lucia\AppData\Roaming\Skype
2016-01-05 22:08 - 2015-07-28 09:29 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-05 22:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-05 21:48 - 2015-07-28 09:35 - 00000000 ____D C:\ProgramData\MFAData
2016-01-05 19:31 - 2015-07-28 09:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-05 12:17 - 2015-11-17 00:17 - 00048475 _____ C:\Users\Lucia\Desktop\Pomocky.odt
2016-01-05 11:44 - 2015-07-28 13:42 - 00000000 ____D C:\Users\Lucia\Desktop\Karta na každý deň
2016-01-05 09:09 - 2015-07-28 09:29 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-05 08:16 - 2009-07-14 05:45 - 00022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-05 08:16 - 2009-07-14 05:45 - 00022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-05 08:03 - 2015-07-28 08:06 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-05 08:03 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-04 23:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-04 08:12 - 2015-07-28 09:01 - 00002874 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Lucia)
2016-01-02 21:51 - 2015-07-28 07:52 - 00000000 ____D C:\Users\Lucia
2016-01-02 14:12 - 2015-07-29 20:14 - 00000000 ____D C:\Users\Lucia\Desktop\Lulča veci
2016-01-02 12:40 - 2015-12-03 09:39 - 00011679 _____ C:\Users\Lucia\Desktop\Audioteka.sk - súťaž, december.odt
2016-01-02 08:34 - 2015-07-28 09:02 - 00000000 ____D C:\ProgramData\ProductData
2015-12-26 09:27 - 2015-07-28 20:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-26 09:24 - 2015-07-28 20:34 - 00000000 ____D C:\ProgramData\Skype
2015-12-26 09:21 - 2015-07-28 20:35 - 00000000 ____D C:\Users\Lucia\AppData\Local\Skype
2015-12-25 14:13 - 2009-07-14 06:13 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-24 00:23 - 2015-08-13 12:55 - 00000000 ____D C:\Users\Lucia\AppData\Roaming\vlc
2015-12-17 07:37 - 2015-07-28 09:30 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-16 14:03 - 2015-07-28 09:50 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp

Some files in TEMP:
====================
C:\Users\Lucia\AppData\Local\Temp\avguirn_08274303838.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-28 07:34

==================== End of FRST.txt ============================

Teď spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Rudy píše:Teď spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater40.2.4

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\Users\Lucia\AppData\Roaming\Easeware

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3612 bytes] ##########

Dejte nový log FRST.

Rudy píše:Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by Lucia (administrator) on LUCIA-PC (07-01-2016 19:39:02)
Running from C:\Users\Lucia\Desktop
Loaded Profiles: Lucia (Available Profiles: Lucia)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [168152 2015-07-28] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3855272 2015-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
HKLM-x32\...\Run: [CLX3180_Scan2Pc] => C:\Windows\Twain_32\Samsung\CLX3180\Scan2pc.exe
HKLM-x32\...\Run: [3180 Scan2PC] => "C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe"
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1139112 2015-12-08] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3937307595-4248303218-1734061427-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3937307595-4248303218-1734061427-1000\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [60688 2015-12-01] (Apple Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{99D98D5A-8386-4335-BB11-77D8A2FC7958}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-3937307595-4248303218-1734061427-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={4F32ED48-F668-4F10-B0F0-C4832A24DCC6}&mid=c9cd0a4b6b1e47cd9e4a39d3c93ef9f2-84b57f8d5b49e01608e2f8e6921f550cb924739c&lang=sk&ds=AVG&coid=avgtbavg&cmpid=0615pi&pr=fr&d=2015-07-28 10:54:30&v=4.1.6.294&pid=wtu&sg=&sap=hp
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Lucia\AppData\Roaming\Mozilla\Firefox\Profiles\a91pwsty.default
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-28]
CHR Extension: (Dokumenty Google) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-28]
CHR Extension: (Disk Google) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabuľky Google) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-28]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Gmail) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-28]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3857272 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1049000 2015-12-08] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [229888 2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2015-12-16] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [256432 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-28] (REALiX(tm))
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2015-07-28] (Qualcomm Atheros Co., Ltd.)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2599128 2015-07-28] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-07 19:39 - 2016-01-07 19:41 - 00012354 _____ C:\Users\Lucia\Desktop\FRST.txt
2016-01-07 14:19 - 2016-01-07 14:19 - 00000000 ____D C:\Users\Lucia\AppData\Local\Apple Computer
2016-01-07 14:18 - 2016-01-07 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-01-07 14:14 - 2016-01-07 14:14 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-01-07 14:14 - 2016-01-07 14:14 - 00000000 ____D C:\Users\Lucia\AppData\Local\Apple
2016-01-07 14:13 - 2016-01-07 14:16 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-01-07 14:13 - 2016-01-07 14:13 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-01-07 14:13 - 2016-01-07 14:13 - 00000000 ____D C:\Program Files\Bonjour
2016-01-07 14:13 - 2016-01-07 14:13 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-01-07 14:13 - 2016-01-07 14:13 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-01-07 14:11 - 2016-01-07 14:11 - 00000000 ____D C:\ProgramData\Apple
2016-01-07 14:05 - 2016-01-07 14:09 - 125168408 _____ (Apple Inc.) C:\Users\Lucia\Downloads\icloudsetup.exe
2016-01-07 13:52 - 2016-01-07 13:56 - 00000000 ____D C:\Users\Lucia\Desktop\fotky iphone
2016-01-07 08:35 - 2016-01-07 14:48 - 00000111 ____H C:\Users\Lucia\Desktop\.~lock.Vykecajsa.sk---dokončené-1.doc#
2016-01-06 23:58 - 2016-01-06 23:58 - 00003699 _____ C:\Users\Lucia\Desktop\AdwCleaner[C1].txt
2016-01-06 23:42 - 2016-01-06 23:52 - 00000000 ____D C:\AdwCleaner
2016-01-06 23:39 - 2016-01-06 23:39 - 01749504 _____ C:\Users\Lucia\Downloads\adwcleaner_5.028.exe
2016-01-05 22:00 - 2016-01-07 19:39 - 00000000 ____D C:\FRST
2016-01-05 21:59 - 2016-01-05 21:59 - 02370560 _____ (Farbar) C:\Users\Lucia\Desktop\FRST64.exe
2016-01-05 19:31 - 2016-01-07 12:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-05 19:08 - 2016-01-05 19:15 - 00000000 ____D C:\Users\Lucia\AppData\Local\Mozilla
2016-01-05 19:08 - 2016-01-05 19:09 - 00000000 ____D C:\Users\Lucia\AppData\Roaming\Mozilla
2016-01-05 19:06 - 2016-01-07 12:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-05 19:06 - 2016-01-05 19:06 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-05 19:06 - 2016-01-05 19:06 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-05 19:02 - 2016-01-05 19:04 - 46214608 _____ C:\Users\Lucia\Downloads\Firefox Setup 43.0.exe
2016-01-05 18:13 - 2016-01-05 18:13 - 00030723 _____ C:\Users\Lucia\Desktop\Vykecajsa.sk na webtrh.odt
2016-01-02 10:18 - 2016-01-02 10:18 - 11102289 _____ C:\Users\Lucia\Desktop\a-mello-bdelost.pdf
2015-12-26 09:21 - 2015-12-26 09:21 - 00002713 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-26 09:21 - 2015-12-26 09:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-19 09:31 - 2015-12-19 09:31 - 00013197 _____ C:\Users\Lucia\Desktop\0-popis-RAI-produkty-2015 (1).xlsx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-07 19:39 - 2015-07-28 20:35 - 00000000 ____D C:\Users\Lucia\AppData\Roaming\Skype
2016-01-07 19:38 - 2015-09-30 22:17 - 00000000 ____D C:\Users\Lucia\Desktop\Nórsko 2015
2016-01-07 19:08 - 2015-07-28 09:29 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-07 18:08 - 2015-07-28 07:52 - 00000000 ____D C:\Users\Lucia
2016-01-07 16:09 - 2015-07-28 09:35 - 00000000 ____D C:\ProgramData\MFAData
2016-01-07 14:34 - 2009-07-14 05:45 - 00022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-07 14:34 - 2009-07-14 05:45 - 00022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-07 14:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-07 14:19 - 2015-11-25 07:23 - 00000000 ____D C:\Users\Lucia\AppData\Roaming\Apple Computer
2016-01-07 11:56 - 2015-11-17 00:17 - 00049123 _____ C:\Users\Lucia\Desktop\Pomocky.odt
2016-01-07 11:48 - 2015-07-28 13:42 - 00000000 ____D C:\Users\Lucia\Desktop\Karta na každý deň
2016-01-07 09:08 - 2015-07-28 09:29 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-07 07:47 - 2015-07-28 08:06 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-07 07:47 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-07 07:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-07 00:02 - 2015-11-23 08:44 - 00000862 _____ C:\Users\Public\Desktop\AVG.lnk
2016-01-07 00:02 - 2015-11-23 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-01-04 08:12 - 2015-07-28 09:01 - 00002874 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Lucia)
2016-01-02 14:12 - 2015-07-29 20:14 - 00000000 ____D C:\Users\Lucia\Desktop\Lulča veci
2016-01-02 08:34 - 2015-07-28 09:02 - 00000000 ____D C:\ProgramData\ProductData
2015-12-26 09:27 - 2015-07-28 20:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-26 09:24 - 2015-07-28 20:34 - 00000000 ____D C:\ProgramData\Skype
2015-12-26 09:21 - 2015-07-28 20:35 - 00000000 ____D C:\Users\Lucia\AppData\Local\Skype
2015-12-25 14:13 - 2009-07-14 06:13 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-24 00:23 - 2015-08-13 12:55 - 00000000 ____D C:\Users\Lucia\AppData\Roaming\vlc
2015-12-17 07:37 - 2015-07-28 09:30 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-16 14:03 - 2015-07-28 09:50 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp

Some files in TEMP:
====================
C:\Users\Lucia\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-28 07:34

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-3937307595-4248303218-1734061427-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={4F32ED48-F668-4F10-B0F0-C4832A24DCC6}&mid=c9cd0a4b6b1e47cd9e4a39d3c93ef9f2-84b57f8d5b49e01608e2f8e6921f550cb924739c&lang=sk&ds=AVG&coid=avgtbavg&cmpid=0615pi&pr=fr&d=2015-07-28 10:54:30&v=4.1.6.294&pid=wtu&sg=&sap=hp
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Lucia\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Rudy píše:Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-3937307595-4248303218-1734061427-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={4F32ED48-F668-4F10-B0F0-C4832A24DCC6}&mid=c9cd0a4b6b1e47cd9e4a39d3c93ef9f2-84b57f8d5b49e01608e2f8e6921f550cb924739c&lang=sk&ds=AVG&coid=avgtbavg&cmpid=0615pi&pr=fr&d=2015-07-28 10:54:30&v=4.1.6.294&pid=wtu&sg=&sap=hp
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Lucia\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by Lucia (2016-01-07 19:59:48) Run:1
Running from C:\Users\Lucia\Desktop
Loaded Profiles: Lucia (Available Profiles: Lucia)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-3937307595-4248303218-1734061427-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={4F32ED48-F668-4F10-B0F0-C4832A24DCC6}&mid=c9cd0a4b6b1e47cd9e4a39d3c93ef9f2-84b57f8d5b49e01608e2f8e6921f550cb924739c&lang=sk&ds=AVG&coid=avgtbavg&cmpid=0615pi&pr=fr&d=2015-07-28 10:54:30&v=4.1.6.294&pid=wtu&sg=&sap=hp
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Lucia\AppData\Local\Temp
End
*****************

HKU\S-1-5-21-3937307595-4248303218-1734061427-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully
"C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx" => not found.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => service removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully

"C:\Users\Lucia\AppData\Local\Temp" folder move:

Could not move "C:\Users\Lucia\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-01-07 20:05:36)

C:\Users\Lucia\AppData\Local\Temp => moved successfully

==== End of Fixlog 20:05:39 ====

Smazáno. Nastala nějaká změna?

Rudy píše:Smazáno. Nastala nějaká změna?

Otestuje sa a uvidíme teda. Zatiaľ ďakujem za pomoc.

OK, zatím není zač!