VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

prosim o kontrolu logu FRST a RIST, pop-up okna

https://forum.viry.cz:443/viewtopic.php?t=151665

Stránka 1 z 1

prosim o kontrolu logu FRST a RIST, pop-up okna

Napsal: 18 bře 2017 00:21
od MistrYpsilon
pořád mi vyskakují různý pop-up okna

použil jsem :

adwcleaner - 53 hrozeb, odstraněno
Zemana AntiMalware - 6 hrozeb, odstraněno
HiJackThis, co se mi zdálo divné odstranil jsem

teď vás poprosím o kontrolu z FRST ,logy níže

Kód: Vybrat vše

https://drive.google.com/open?id=0B6_89nuotdevUlFrb0hTdzIyV2M
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Kristýna (administrator) on KRISTYNA-NTB (18-03-2017 00:17:22)
Running from C:\Users\Kristýna\Downloads
Loaded Profiles: Kristýna (Available Profiles: Kristýna)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe
() C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\SnagPriv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\TscHelp.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\SnagitEditor.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3859456 2014-09-05] (Dell Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387736 2014-07-05] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [562264 2014-04-10] (Waves Audio Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-11-12] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14471408 2017-03-06] (Copyright 2017.)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [27308304 2017-03-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [5915776 2016-03-21] (Safer-Networking Ltd.)
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\...\MountPoints2: {131dbb83-c30c-11e6-8272-2c337aff7918} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\...\MountPoints2: {a8deb16d-e639-11e5-8264-2c337aff7918} - "F:\Setup.exe"
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\...\MountPoints2: {a8deb684-e639-11e5-8264-2c337aff7918} - "F:\Setup.exe"
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-12] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-03-04]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 12.lnk [2015-12-26]
ShortcutTarget: Snagit 12.lnk -> C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe (TechSmith Corporation)
BootExecute: autocheck autochk * sdnclean64.exebddel.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\Parameters: [NameServer] 82.163.143.176 82.163.142.178
Tcpip\..\Interfaces\{1056D31B-C807-4B06-B4F7-F1776D06438F}: [DhcpNameServer] 82.163.143.176
Tcpip\..\Interfaces\{25F7C562-825C-411A-9599-1C8F4DF0B654}: [DhcpNameServer] 82.163.143.176
Tcpip\..\Interfaces\{80F7F591-D4B1-456E-9592-3BFF5444AA8E}: [DhcpNameServer] 82.163.143.176
Tcpip\..\Interfaces\{C277C1F3-6BCE-4A14-BF6B-8C6726049DC8}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-381986663-1749804407-3583563421-1001 -> DefaultScope {937D8C74-83BA-46EF-8F3B-16D62DC7E671} URL =
SearchScopes: HKU\S-1-5-21-381986663-1749804407-3583563421-1001 -> {937D8C74-83BA-46EF-8F3B-16D62DC7E671} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-12] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-06-19] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-06-19] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-11-12] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-11-12] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-12] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-06-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-06-19] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 10\npnitromozilla.dll [2015-05-26] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default [2017-03-18]
CHR Extension: (Prezentace Google) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-17]
CHR Extension: (Dokumenty Google) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-17]
CHR Extension: (Disk Google) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-17]
CHR Extension: (YouTube) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-17]
CHR Extension: (Tabulky Google) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-17]
CHR Extension: (Gmail) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2014-03-13] (Broadcom Corporation.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-24] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46408 2017-01-21] (Dropbox, Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2571352 2016-01-05] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201816 2016-01-05] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2521440 2016-03-16] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-17] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [325224 2014-09-08] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe [324760 2015-05-26] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [418968 2015-05-26] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-17] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1921768 2014-07-02] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-01-12] (Dell Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384 2015-01-26] (TechSmith Corporation) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14471408 2017-03-06] (Copyright 2017.)
S2 jhi_service; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" [X]
S2 LMS; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" [X]
S3 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2014-03-13] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7504560 2014-03-13] (Broadcom Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-09-11] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-03-16] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-11-20] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-11-20] (ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [142976 2015-11-20] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [198096 2016-03-16] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [53384 2016-03-16] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84800 2016-03-16] (ESET)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-11] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-11] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-11] (Intel Corporation)
R3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-11] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-05] (NVIDIA Corporation)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [64160 2014-04-25] ()
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-05-22] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-03-18] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-03-18] (Zemana Ltd.)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-18 00:17 - 2017-03-18 00:17 - 00027219 _____ C:\Users\Kristýna\Downloads\FRST.txt
2017-03-18 00:17 - 2017-03-18 00:17 - 00000000 ____D C:\FRST
2017-03-18 00:15 - 2017-03-18 00:15 - 02424832 _____ (Farbar) C:\Users\Kristýna\Downloads\FRST64.exe
2017-03-18 00:15 - 2017-03-18 00:15 - 01766912 _____ (Farbar) C:\Users\Kristýna\Downloads\FRST.exe
2017-03-18 00:09 - 2017-03-18 00:17 - 00112758 _____ C:\Windows\ZAM.krnl.trace
2017-03-18 00:09 - 2017-03-18 00:17 - 00109820 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-03-18 00:09 - 2017-03-18 00:09 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-03-18 00:09 - 2017-03-18 00:09 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-03-18 00:09 - 2017-03-18 00:09 - 00001162 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-03-18 00:09 - 2017-03-18 00:09 - 00000000 ____D C:\Users\Kristýna\AppData\Local\Zemana
2017-03-18 00:09 - 2017-03-18 00:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-03-18 00:09 - 2017-03-18 00:09 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-03-18 00:08 - 2017-03-18 00:08 - 05755024 _____ (Zemana Ltd. ) C:\Users\Kristýna\Downloads\Zemana.AntiMalware.Setup.exe
2017-03-17 23:55 - 2017-03-17 23:55 - 00000000 ____D C:\Users\Kristýna\Downloads\backups
2017-03-17 23:52 - 2017-03-17 23:52 - 00388608 _____ (Trend Micro Inc.) C:\Users\Kristýna\Downloads\hijackthis.exe
2017-03-17 23:32 - 2017-03-17 23:51 - 00000000 ____D C:\AdwCleaner
2017-03-17 23:32 - 2017-03-17 23:32 - 04031440 _____ C:\Users\Kristýna\Downloads\adwcleaner_6.044.exe
2017-03-17 23:17 - 2017-03-17 23:17 - 00002289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-17 23:17 - 2017-03-17 23:17 - 00002277 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-17 23:10 - 2017-03-17 23:24 - 00000000 ____D C:\Users\Kristýna\Desktop\badminton
2017-03-12 11:00 - 2017-03-12 11:00 - 00003824 _____ C:\Windows\System32\Tasks\{A3101405-14BB-A3AE-36E6-F8EA655FB908}
2017-03-11 22:08 - 2017-03-11 22:15 - 00000000 ____D C:\Users\Kristýna\Desktop\hijackthis
2017-03-09 22:10 - 2017-03-09 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-08 10:19 - 2017-03-08 13:41 - 00000000 ____D C:\Users\Kristýna\Desktop\filmy2
2017-03-06 21:50 - 2017-03-06 21:50 - 00046184 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-03-04 19:01 - 2017-03-17 23:09 - 00000000 ____D C:\Users\Kristýna\AppData\Roaming\vlc
2017-03-04 19:00 - 2017-03-04 19:00 - 00000889 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-03-04 19:00 - 2017-03-04 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-03-04 19:00 - 2017-03-04 19:00 - 00000000 ____D C:\Program Files\VideoLAN

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-18 00:09 - 2015-12-24 20:12 - 00000000 ____D C:\Users\Kristýna
2017-03-18 00:00 - 2015-12-24 20:27 - 00000000 ____D C:\Users\Kristýna\AppData\Local\ClassicShell
2017-03-18 00:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2017-03-17 23:55 - 2015-03-04 23:38 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2017-03-17 23:52 - 2014-03-18 16:13 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-17 23:52 - 2014-03-18 15:56 - 00739924 _____ C:\Windows\system32\perfh005.dat
2017-03-17 23:52 - 2014-03-18 15:56 - 00151610 _____ C:\Windows\system32\perfc005.dat
2017-03-17 23:52 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-17 23:51 - 2015-12-24 20:18 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-381986663-1749804407-3583563421-1001
2017-03-17 23:50 - 2015-12-26 20:48 - 00000000 ____D C:\Users\Kristýna\AppData\Local\CrashDumps
2017-03-17 23:49 - 2015-12-24 20:32 - 00000000 ___RD C:\Users\Kristýna\Dropbox
2017-03-17 23:46 - 2015-12-24 20:29 - 00000934 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-03-17 23:45 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-17 23:45 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-03-17 23:43 - 2015-03-04 23:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-17 23:38 - 2015-12-24 20:29 - 00000938 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-03-17 23:36 - 2013-08-22 15:44 - 05111648 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-17 23:34 - 2015-03-04 23:36 - 00000000 ____D C:\Program Files (x86)\Amazon
2017-03-17 23:24 - 2016-02-09 21:19 - 00000132 _____ C:\Users\Kristýna\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2017-03-17 23:21 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-17 23:17 - 2016-02-09 20:45 - 00000000 ____D C:\Users\Kristýna\AppData\Local\Adobe
2017-03-17 23:15 - 2015-12-24 20:20 - 00003854 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{07E1376B-DB0E-49BA-B015-C3F5B3270790}
2017-03-12 11:00 - 2016-03-04 09:21 - 00003730 _____ C:\Windows\System32\Tasks\{1B9E2C4A-C659-AB49-FD26-B2BD53412A68}
2017-03-12 11:00 - 2016-03-04 09:21 - 00000000 ____D C:\ProgramData\10a70ed
2017-03-11 22:21 - 2016-02-03 19:37 - 00000000 ____D C:\Program Files (x86)\JDownloader
2017-03-11 21:31 - 2016-06-27 18:04 - 00100280 _____ C:\Windows\SysWOW64\bddel.dat
2017-03-09 22:17 - 2015-12-26 20:33 - 00000000 ____D C:\Download
2017-03-09 22:11 - 2015-12-24 20:29 - 00000000 ____D C:\Users\Kristýna\AppData\Local\Dropbox
2017-03-09 22:11 - 2015-03-04 23:44 - 00000000 ____D C:\Program Files (x86)\Dropbox

==================== Files in the root of some directories =======

2016-02-09 21:19 - 2017-03-17 23:24 - 0000132 _____ () C:\Users\Kristýna\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2016-09-05 22:59 - 2016-09-05 22:59 - 0001480 _____ () C:\Users\Kristýna\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-01-10 12:56 - 2017-01-10 12:56 - 0000000 _____ () C:\Users\Kristýna\AppData\Local\{BA8D9991-9538-43C7-A458-6FD4D7EE3829}
2015-03-04 23:24 - 2015-03-04 23:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-04 23:22 - 2015-03-04 23:23 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2015-03-04 23:18 - 2015-03-04 23:19 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2015-03-04 23:19 - 2015-03-04 23:21 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2015-03-04 23:21 - 2015-03-04 23:22 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2015-03-04 23:18 - 2015-03-04 23:18 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
2017-03-11 22:21 - 2017-03-11 22:21 - 0040448 ____N () C:\Users\Kristýna\AppData\Local\Temp\proxy_vole4314514418388064746.dll
2017-03-11 22:21 - 2017-03-11 22:21 - 0040448 ____N () C:\Users\Kristýna\AppData\Local\Temp\proxy_vole5380074618136274104.dll
2017-03-11 22:20 - 2017-03-11 22:20 - 0040448 ____N () C:\Users\Kristýna\AppData\Local\Temp\proxy_vole6311771222295918646.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-04 22:54

==================== End of FRST.txt ============================

Re: prosim o kontrolu logu FRST a RIST, pop-up okna

Napsal: 18 bře 2017 11:20
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: prosim o kontrolu logu FRST a RIST, pop-up okna

Napsal: 18 bře 2017 11:28
od MistrYpsilon
# AdwCleaner v6.044 - Log vytvořen 18/03/2017 v 11:35:09
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-17.2 [Místní]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : Kristýna - KRISTYNA-NTB
# Spuštěno z : C:\Users\Kristýna\Downloads\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [5073 Bajty] - [17/03/2017 23:34:43]
C:\AdwCleaner\AdwCleaner[C2].txt - [1243 Bajty] - [17/03/2017 23:44:41]
C:\AdwCleaner\AdwCleaner[C3].txt - [950 Bajty] - [18/03/2017 11:35:09]
C:\AdwCleaner\AdwCleaner[S0].txt - [5303 Bajty] - [17/03/2017 23:34:01]
C:\AdwCleaner\AdwCleaner[S1].txt - [1540 Bajty] - [17/03/2017 23:44:07]
C:\AdwCleaner\AdwCleaner[S2].txt - [1667 Bajty] - [17/03/2017 23:51:07]
C:\AdwCleaner\AdwCleaner[S3].txt - [1740 Bajty] - [18/03/2017 11:34:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1314 Bajty] ##########

Re: prosim o kontrolu logu FRST a RIST, pop-up okna

Napsal: 18 bře 2017 11:34
od Rudy
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\...\MountPoints2: {131dbb83-c30c-11e6-8272-2c337aff7918} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\...\MountPoints2: {a8deb16d-e639-11e5-8264-2c337aff7918} - "F:\Setup.exe"
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\...\MountPoints2: {a8deb684-e639-11e5-8264-2c337aff7918} - "F:\Setup.exe"
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-381986663-1749804407-3583563421-1001 -> DefaultScope {937D8C74-83BA-46EF-8F3B-16D62DC7E671} URL =
SearchScopes: HKU\S-1-5-21-381986663-1749804407-3583563421-1001 -> {937D8C74-83BA-46EF-8F3B-16D62DC7E671} URL =
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
C:\ProgramData\DP45977C.lfl
C:\Users\Kristýna\AppData\Local\Temp

EmptyTemp:
End
Uložte do C:\Users\Kristýna\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: prosim o kontrolu logu FRST a RIST, pop-up okna

Napsal: 18 bře 2017 11:43
od MistrYpsilon
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Kristýna (18-03-2017 11:48:31) Run:1
Running from C:\Users\Kristýna\Downloads\FRST
Loaded Profiles: Kristýna (Available Profiles: Kristýna)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\...\MountPoints2: {131dbb83-c30c-11e6-8272-2c337aff7918} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\...\MountPoints2: {a8deb16d-e639-11e5-8264-2c337aff7918} - "F:\Setup.exe"
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\...\MountPoints2: {a8deb684-e639-11e5-8264-2c337aff7918} - "F:\Setup.exe"
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-381986663-1749804407-3583563421-1001 -> DefaultScope {937D8C74-83BA-46EF-8F3B-16D62DC7E671} URL =
SearchScopes: HKU\S-1-5-21-381986663-1749804407-3583563421-1001 -> {937D8C74-83BA-46EF-8F3B-16D62DC7E671} URL =
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
C:\ProgramData\DP45977C.lfl
C:\Users\Kristýna\AppData\Local\Temp

EmptyTemp:
End
*****************

HKU\S-1-5-21-381986663-1749804407-3583563421-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{131dbb83-c30c-11e6-8272-2c337aff7918} => key removed successfully
HKCR\CLSID\{131dbb83-c30c-11e6-8272-2c337aff7918} => key not found.
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a8deb16d-e639-11e5-8264-2c337aff7918} => key removed successfully
HKCR\CLSID\{a8deb16d-e639-11e5-8264-2c337aff7918} => key not found.
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a8deb684-e639-11e5-8264-2c337aff7918} => key removed successfully
HKCR\CLSID\{a8deb684-e639-11e5-8264-2c337aff7918} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-381986663-1749804407-3583563421-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{937D8C74-83BA-46EF-8F3B-16D62DC7E671} => key removed successfully
HKCR\CLSID\{937D8C74-83BA-46EF-8F3B-16D62DC7E671} => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater => key removed successfully
C:\ProgramData\DP45977C.lfl => moved successfully

"C:\Users\Kristýna\AppData\Local\Temp" folder move:

Could not move "C:\Users\Kristýna\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 57567533 B
Java, Flash, Steam htmlcache => 1752 B
Windows/system/drivers => 1498375 B
Edge => 0 B
Chrome => 271455350 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 165 B
systemprofile32 => 0 B
LocalService => 31297944 B
NetworkService => 1660 B
Kristýna => 218452933 B

RecycleBin => 0 B
EmptyTemp: => 565.4 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-03-2017 11:51:18)

C:\Users\Kristýna\AppData\Local\Temp => moved successfully

==== End of Fixlog 11:51:19 ====

Re: prosim o kontrolu logu FRST a RIST, pop-up okna

Napsal: 18 bře 2017 11:44
od Rudy
Smazáno. Nastala nějaká změna?

Re: prosim o kontrolu logu FRST a RIST, pop-up okna

Napsal: 20 bře 2017 19:00
od MistrYpsilon
ano mělo by to již být vyřešené, děkuji za pomoc !

Re: prosim o kontrolu logu FRST a RIST, pop-up okna

Napsal: 20 bře 2017 19:06
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz