VIRY.CZ

Dobrý den,
chtěl jsem přeinstalovat pocitac vsechno od zacatku a neotravovat Vas, ale ... Mame tu docela dulezity program na EET a nedari se me ho zalohovat bez cizi podbory. Proto bych prosil o kontrolu logu. Pokud napisete ze lepsi by bylo opravdu preinstalovat Windows udelam to pozdeji az se spojim s podporou toho programu... No Uvidime, predem dekuji za ochotu
log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2017
Ran by Babicka (administrator) on BABICKA-PC (09-09-2017 08:08:26)
Running from C:\Users\Babicka\Desktop
Loaded Profiles: Babicka & DefaultAppPool (Available Profiles: Babicka & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1703 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11707.1001.23.0_x86__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [485280 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-2448171358-1871930041-1244657789-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [515072 2017-03-18] (Microsoft Corporation)
Startup: C:\Users\Babicka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-12-10]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 84.16.111.129 84.16.96.2
Tcpip\..\Interfaces\{5d029f76-0fec-4b7e-acab-42fa21d0f130}: [DhcpNameServer] 84.16.111.129 84.16.96.2
Tcpip\..\Interfaces\{634924f9-7e72-4f65-895e-4f0d61dae811}: [DhcpNameServer] 84.16.111.129 84.16.96.2

Internet Explorer:
==================
HKU\S-1-5-21-2448171358-1871930041-1244657789-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKU\S-1-5-21-2448171358-1871930041-1244657789-1000 -> DefaultScope {95F8A083-7ED5-4FB9-904A-1CC3DB72DF98} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2448171358-1871930041-1244657789-1000 -> {95F8A083-7ED5-4FB9-904A-1CC3DB72DF98} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKU\S-1-5-21-2448171358-1871930041-1244657789-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)

FireFox:
========
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://mysearch.avg.com/?cid={099F5101-C5BE-4765-B8FB-E1C5272CC5AA}&mid=b213616f3a1947d3a7b6318208cc0d31-3b3d42feedb44151909a582940600e561c9be51e&lang=en&ds=jd011&pr=sa&d=2013-08-13 13:21:24&v=15.4.0.5&pid=safeguard&sg=0&sap=hp
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Profile: C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default [2017-09-09]
CHR Extension: (Prezentace Google) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Dokumenty Google) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Disk Google) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Zwinky) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehjkfdmkpocpileolmldepapdjbfegei [2015-02-14]
CHR Extension: (Tabulky Google) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-05]
CHR Extension: (Komponenta pro aplikaci SERVIS 24) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gincjcoomijeeoddomaaimknmflggfnb [2015-07-09]
CHR Extension: (Дополнительные параметры 11.45) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\hechgbfeikpcbpienlgplipnhffkdkmc [2017-03-21]
CHR Extension: (FormApps Extension) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-14]
CHR Extension: (iLivid) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2015-07-09]
CHR Extension: (AVG Secure Search) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-01-11]
CHR Extension: (MyWebFace) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj [2015-02-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-09]
CHR Profile: C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-04-06]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [299488 2016-05-04] (Intel Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2069424 2017-03-09] (ESET)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [292832 2016-05-04] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [462048 2012-04-20] (Intel(R) Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [179968 2014-03-11] (Intel Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2545848 2017-03-19] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [265352 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [82488 2017-07-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [113512 2017-09-03] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [90656 2017-03-09] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14368 2017-03-09] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [139384 2017-03-09] (ESET)
R1 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [67712 2017-03-09] (ESET)
R0 iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [526392 2012-11-19] (Intel Corporation)
S3 intaud_WaveExtensible; C:\WINDOWS\system32\drivers\intelaud.sys [44016 2015-12-01] (Intel Corporation)
R3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [35320 2015-12-01] (Intel Corporation)
S3 MEI; C:\WINDOWS\System32\drivers\HECI.sys [41216 2011-09-23] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37464 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [243104 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [96672 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-09 08:08 - 2017-09-09 08:09 - 000015793 _____ C:\Users\Babicka\Desktop\FRST.txt
2017-09-09 08:08 - 2017-09-09 08:08 - 000000000 ____D C:\FRST
2017-09-09 08:06 - 2017-09-09 08:06 - 000112640 _____ (forum.viry.cz) C:\Users\Babicka\Desktop\FRSTLauncher.exe
2017-09-09 08:05 - 2017-09-09 08:05 - 001792512 _____ (Farbar) C:\Users\Babicka\Desktop\FRST.exe
2017-09-07 21:21 - 2017-09-07 21:21 - 000084083 _____ C:\Users\Babicka\Desktop\AAA Absolutně nejlepší naložené KOZÍ ROHY na světě! recept - Labužník.pdf
2017-09-07 09:20 - 2017-09-07 09:20 - 010656509 _____ C:\Users\Babicka\Downloads\USA-50_států_podle_abecedy.ppsx
2017-09-05 19:42 - 2017-09-05 19:43 - 001243586 _____ C:\Users\Babicka\Desktop\Provoz Bystrice-20170901123445.pdf
2017-09-04 16:27 - 2017-09-04 16:27 - 010461184 _____ C:\Users\Babicka\Downloads\Venetia_fara_apa.pps
2017-09-01 18:47 - 2017-09-01 18:47 - 000152555 _____ C:\Users\Babicka\Downloads\0000000120393013_20170831_D_008_000_M_C.pdf
2017-09-01 16:33 - 2017-09-01 16:33 - 000091722 _____ C:\Users\Babicka\Downloads\17153471.pdf
2017-08-31 12:41 - 2017-08-31 12:41 - 006365696 _____ C:\Users\Babicka\Downloads\Wieliczka-Svetovy_unikat_MV (2).pps
2017-08-31 12:39 - 2017-08-31 12:39 - 006365696 _____ C:\Users\Babicka\Downloads\Wieliczka-Svetovy_unikat_MV (1).pps
2017-08-31 12:14 - 2017-08-31 12:14 - 006365696 _____ C:\Users\Babicka\Downloads\Wieliczka-Svetovy_unikat_MV.pps
2017-08-31 10:47 - 2017-08-31 10:47 - 005466624 _____ C:\Users\Babicka\Downloads\Moje_nadherne__Slovensko.pps
2017-08-30 11:39 - 2017-08-30 11:39 - 008227840 _____ C:\Users\Babicka\Downloads\Krasy_Skotska_.pps
2017-08-29 21:06 - 2017-08-29 21:06 - 004005888 _____ C:\Users\Babicka\Downloads\zÃ¡zraÄnÃ¡_mÃ-sta.pps
2017-08-29 20:55 - 2017-08-29 20:55 - 007872000 _____ C:\Users\Babicka\Downloads\Brno,_hezké_město.pps
2017-08-25 13:39 - 2017-08-25 13:39 - 000091030 _____ C:\Users\Babicka\Downloads\17151538.pdf
2017-08-22 19:51 - 2017-08-22 19:51 - 004947968 _____ C:\Users\Babicka\Downloads\MoravskA1_Kras.pps
2017-08-22 09:37 - 2017-08-22 09:37 - 010735616 _____ C:\Users\Babicka\Downloads\25_najkrajších_dedín_Európy (1).pps
2017-08-10 16:22 - 2017-08-10 16:22 - 004086784 _____ C:\Users\Babicka\Downloads\Plus_qu'une_photo1.pps
2017-08-10 16:20 - 2017-08-10 16:20 - 004383721 _____ C:\Users\Babicka\Downloads\Sochy_Luhačovice_2017.ppsx
2017-08-10 07:24 - 2017-08-10 07:24 - 000000000 ____D C:\Users\Babicka\AppData\Local\DBG

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-09 07:46 - 2015-01-08 23:11 - 000000000 ____D C:\Program Files\Steam
2017-09-09 07:33 - 2015-01-08 23:11 - 000000000 ____D C:\Program Files\Common Files\Steam
2017-09-09 07:31 - 2017-03-16 08:08 - 000000000 __SHD C:\Users\Babicka\IntelGraphicsProfiles
2017-09-08 21:20 - 2017-07-20 08:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-07 14:47 - 2017-03-18 20:23 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-07 14:47 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-07 09:22 - 2017-03-18 14:28 - 000004608 _____ C:\Users\Babicka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-09-07 07:09 - 2016-07-29 22:49 - 000002437 _____ C:\Users\Babicka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-07 07:09 - 2016-07-29 22:49 - 000000000 ___RD C:\Users\Babicka\OneDrive
2017-09-06 06:54 - 2017-06-27 06:37 - 000000998 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-09-06 06:54 - 2017-06-27 06:37 - 000000986 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-09-06 06:54 - 2017-06-27 06:37 - 000000000 ____D C:\Program Files\TeamViewer
2017-09-05 20:58 - 2015-01-09 21:07 - 000000000 ____D C:\Users\Babicka\AppData\Roaming\Skype
2017-09-05 20:22 - 2016-11-04 12:12 - 000001143 _____ C:\Users\Babicka\Desktop\Pokladnička EET.lnk
2017-09-03 08:18 - 2017-03-18 20:21 - 000000000 ____D C:\WINDOWS\INF
2017-09-03 08:17 - 2017-03-09 21:55 - 000113512 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2017-09-01 20:36 - 2015-12-26 12:20 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-09-01 07:28 - 2015-05-07 09:07 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-29 07:27 - 2015-01-08 22:55 - 000002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-17 10:23 - 2017-07-20 08:19 - 002199734 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-17 10:23 - 2017-03-19 10:56 - 000930948 _____ C:\WINDOWS\system32\perfh005.dat
2017-08-17 10:23 - 2017-03-19 10:56 - 000215952 _____ C:\WINDOWS\system32\perfc005.dat
2017-08-17 10:18 - 2017-07-20 08:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-15 21:57 - 2017-07-20 08:20 - 000000000 ____D C:\Users\Babicka
2017-08-12 09:21 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\rescache

==================== Files in the root of some directories =======

2017-03-18 14:28 - 2017-09-07 09:22 - 000004608 _____ () C:\Users\Babicka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
2017-08-13 10:52 - 2017-08-13 10:53 - 058782680 _____ (Skype Technologies S.A.) C:\Users\Babicka\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-06 09:05

==================== End of FRST.txt ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Nevim zda je to spravny log.. nejak se mi to nezda...

# AdwCleaner 7.0.2.1 - Logfile created on Sun Sep 10 17:49:31 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 10 Pro (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

Plugin deleted: AVG Secure Search -
Plugin deleted: iLivid -
SearchProvider deleted: search.ask.com - search.ask.com

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1230 B] - [2017/9/10 17:37:40]
C:/AdwCleaner/AdwCleaner[S1].txt - [1298 B] - [2017/9/10 17:46:43]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-09-2017
Ran by Babicka (administrator) on BABICKA-PC (10-09-2017 20:24:57)
Running from C:\Users\Babicka\Desktop
Loaded Profiles: Babicka (Available Profiles: Babicka & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1703 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
(Valve Corporation) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [485280 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-2448171358-1871930041-1244657789-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
Startup: C:\Users\Babicka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-12-10]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 84.16.111.129 84.16.96.2
Tcpip\..\Interfaces\{5d029f76-0fec-4b7e-acab-42fa21d0f130}: [DhcpNameServer] 84.16.111.129 84.16.96.2
Tcpip\..\Interfaces\{634924f9-7e72-4f65-895e-4f0d61dae811}: [DhcpNameServer] 84.16.111.129 84.16.96.2

Internet Explorer:
==================
HKU\S-1-5-21-2448171358-1871930041-1244657789-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKU\S-1-5-21-2448171358-1871930041-1244657789-1000 -> DefaultScope {95F8A083-7ED5-4FB9-904A-1CC3DB72DF98} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2448171358-1871930041-1244657789-1000 -> {95F8A083-7ED5-4FB9-904A-1CC3DB72DF98} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKU\S-1-5-21-2448171358-1871930041-1244657789-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)

FireFox:
========
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://mysearch.avg.com/?cid={099F5101-C5BE-4765-B8FB-E1C5272CC5AA}&mid=b213616f3a1947d3a7b6318208cc0d31-3b3d42feedb44151909a582940600e561c9be51e&lang=en&ds=jd011&pr=sa&d=2013-08-13 13:21:24&v=15.4.0.5&pid=safeguard&sg=0&sap=hp
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Profile: C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default [2017-09-10]
CHR Extension: (Prezentace Google) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Dokumenty Google) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Disk Google) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-05]
CHR Extension: (Komponenta pro aplikaci SERVIS 24) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gincjcoomijeeoddomaaimknmflggfnb [2015-07-09]
CHR Extension: (Дополнительные параметры 11.45) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\hechgbfeikpcbpienlgplipnhffkdkmc [2017-03-21]
CHR Extension: (FormApps Extension) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-14]
CHR Extension: (AVG Secure Search) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2017-09-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-09]
CHR Profile: C:\Users\Babicka\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-04-06]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [299488 2016-05-04] (Intel Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2069936 2017-09-03] (ESET)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [292832 2016-05-04] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [462048 2012-04-20] (Intel(R) Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [179968 2014-03-11] (Intel Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2545848 2017-03-19] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [265352 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [82488 2017-07-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [113512 2017-09-03] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [90656 2017-03-09] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14368 2017-03-09] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [139384 2017-03-09] (ESET)
R1 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [67712 2017-03-09] (ESET)
R0 iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [526392 2012-11-19] (Intel Corporation)
S3 intaud_WaveExtensible; C:\WINDOWS\system32\drivers\intelaud.sys [44016 2015-12-01] (Intel Corporation)
R3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [35320 2015-12-01] (Intel Corporation)
S3 MEI; C:\WINDOWS\System32\drivers\HECI.sys [41216 2011-09-23] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37464 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [243104 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [96672 2017-03-18] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-10 20:24 - 2017-09-10 20:24 - 000000000 ____D C:\Users\Babicka\Desktop\FRST-OlderVersion
2017-09-10 19:35 - 2017-09-10 19:46 - 000000000 ____D C:\AdwCleaner
2017-09-10 19:35 - 2017-09-10 19:35 - 008182736 _____ (Malwarebytes) C:\Users\Babicka\Desktop\adwcleaner_7.0.2.1.exe
2017-09-10 19:09 - 2017-09-10 19:09 - 000255037 _____ C:\Users\Babicka\Downloads\IMG_20170910_0001.pdf
2017-09-10 19:06 - 2017-09-10 19:06 - 000255037 _____ C:\Users\Babicka\Documents\IMG_20170910_0001.pdf
2017-09-09 08:09 - 2017-09-09 08:11 - 000038891 _____ C:\Users\Babicka\Desktop\Addition.txt
2017-09-09 08:08 - 2017-09-10 20:24 - 000015181 _____ C:\Users\Babicka\Desktop\FRST.txt
2017-09-09 08:08 - 2017-09-10 20:24 - 000000000 ____D C:\FRST
2017-09-09 08:05 - 2017-09-10 20:24 - 001793024 _____ (Farbar) C:\Users\Babicka\Desktop\FRST.exe
2017-09-07 21:21 - 2017-09-07 21:21 - 000084083 _____ C:\Users\Babicka\Desktop\AAA Absolutně nejlepší naložené KOZÍ ROHY na světě! recept - Labužník.pdf
2017-09-07 09:20 - 2017-09-07 09:20 - 010656509 _____ C:\Users\Babicka\Downloads\USA-50_států_podle_abecedy.ppsx
2017-09-05 19:42 - 2017-09-05 19:43 - 001243586 _____ C:\Users\Babicka\Desktop\Provoz Bystrice-20170901123445.pdf
2017-09-04 16:27 - 2017-09-04 16:27 - 010461184 _____ C:\Users\Babicka\Downloads\Venetia_fara_apa.pps
2017-09-01 18:47 - 2017-09-01 18:47 - 000152555 _____ C:\Users\Babicka\Downloads\0000000120393013_20170831_D_008_000_M_C.pdf
2017-09-01 16:33 - 2017-09-01 16:33 - 000091722 _____ C:\Users\Babicka\Downloads\17153471.pdf
2017-08-31 12:41 - 2017-08-31 12:41 - 006365696 _____ C:\Users\Babicka\Downloads\Wieliczka-Svetovy_unikat_MV (2).pps
2017-08-31 12:39 - 2017-08-31 12:39 - 006365696 _____ C:\Users\Babicka\Downloads\Wieliczka-Svetovy_unikat_MV (1).pps
2017-08-31 12:14 - 2017-08-31 12:14 - 006365696 _____ C:\Users\Babicka\Downloads\Wieliczka-Svetovy_unikat_MV.pps
2017-08-31 10:47 - 2017-08-31 10:47 - 005466624 _____ C:\Users\Babicka\Downloads\Moje_nadherne__Slovensko.pps
2017-08-30 11:39 - 2017-08-30 11:39 - 008227840 _____ C:\Users\Babicka\Downloads\Krasy_Skotska_.pps
2017-08-29 21:06 - 2017-08-29 21:06 - 004005888 _____ C:\Users\Babicka\Downloads\zÃ¡zraÄnÃ¡_mÃ-sta.pps
2017-08-29 20:55 - 2017-08-29 20:55 - 007872000 _____ C:\Users\Babicka\Downloads\Brno,_hezké_město.pps
2017-08-25 13:39 - 2017-08-25 13:39 - 000091030 _____ C:\Users\Babicka\Downloads\17151538.pdf
2017-08-22 19:51 - 2017-08-22 19:51 - 004947968 _____ C:\Users\Babicka\Downloads\MoravskA1_Kras.pps
2017-08-22 09:37 - 2017-08-22 09:37 - 010735616 _____ C:\Users\Babicka\Downloads\25_najkrajších_dedín_Európy (1).pps

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-10 20:02 - 2017-07-20 08:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-10 19:57 - 2017-07-20 08:19 - 002226444 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-10 19:57 - 2017-03-19 10:56 - 000944492 _____ C:\WINDOWS\system32\perfh005.dat
2017-09-10 19:57 - 2017-03-19 10:56 - 000220134 _____ C:\WINDOWS\system32\perfc005.dat
2017-09-10 19:52 - 2015-01-08 23:11 - 000000000 ____D C:\Program Files\Steam
2017-09-10 19:51 - 2017-03-16 08:08 - 000000000 __SHD C:\Users\Babicka\IntelGraphicsProfiles
2017-09-10 19:50 - 2017-07-20 08:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-10 19:50 - 2017-03-18 08:02 - 002359296 _____ C:\WINDOWS\system32\config\BBI
2017-09-10 19:07 - 2015-12-26 12:20 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-09-10 19:00 - 2017-06-27 06:37 - 000000000 ____D C:\Program Files\TeamViewer
2017-09-10 08:25 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-10 08:23 - 2015-01-08 23:11 - 000000000 ____D C:\Program Files\Common Files\Steam
2017-09-09 10:13 - 2017-03-18 20:23 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-09 08:10 - 2017-03-18 20:21 - 000000000 ____D C:\WINDOWS\INF
2017-09-07 09:22 - 2017-03-18 14:28 - 000004608 _____ C:\Users\Babicka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-09-07 07:09 - 2016-07-29 22:49 - 000002437 _____ C:\Users\Babicka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-07 07:09 - 2016-07-29 22:49 - 000000000 ___RD C:\Users\Babicka\OneDrive
2017-09-06 06:54 - 2017-06-27 06:37 - 000000998 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-09-06 06:54 - 2017-06-27 06:37 - 000000986 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-09-05 20:58 - 2015-01-09 21:07 - 000000000 ____D C:\Users\Babicka\AppData\Roaming\Skype
2017-09-05 20:22 - 2016-11-04 12:12 - 000001143 _____ C:\Users\Babicka\Desktop\Pokladnička EET.lnk
2017-09-03 08:17 - 2017-03-09 21:55 - 000113512 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2017-09-01 07:28 - 2015-05-07 09:07 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-29 07:27 - 2015-01-08 22:55 - 000002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-15 21:57 - 2017-07-20 08:20 - 000000000 ____D C:\Users\Babicka
2017-08-12 09:21 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\rescache

==================== Files in the root of some directories =======

2017-03-18 14:28 - 2017-09-07 09:22 - 000004608 _____ () C:\Users\Babicka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
2017-08-13 10:52 - 2017-08-13 10:53 - 058782680 _____ (Skype Technologies S.A.) C:\Users\Babicka\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-06 09:05

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
SearchScopes: HKU\S-1-5-21-2448171358-1871930041-1244657789-1000 -> DefaultScope {95F8A083-7ED5-4FB9-904A-1CC3DB72DF98} URL =
U3 idsvc; no ImagePath
C:\Users\Babicka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Babicka\AppData\Local\Temp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x86) Version: 10-09-2017
Ran by Babicka (10-09-2017 23:25:12) Run:1
Running from C:\Users\Babicka\Desktop
Loaded Profiles: Babicka (Available Profiles: Babicka & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
SearchScopes: HKU\S-1-5-21-2448171358-1871930041-1244657789-1000 -> DefaultScope {95F8A083-7ED5-4FB9-904A-1CC3DB72DF98} URL =
U3 idsvc; no ImagePath
C:\Users\Babicka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Babicka\AppData\Local\Temp

EmptyTemp:
End
*****************

HKU\S-1-5-21-2448171358-1871930041-1244657789-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully.
idsvc => service removed successfully.
C:\Users\Babicka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\Babicka\AppData\Local\Temp => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 188212573 B
Java, Flash, Steam htmlcache => 23243897 B
Windows/system/drivers => 1839852 B
Edge => 7873384 B
Chrome => 834813788 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 8162 B
NetworkService => 6134058 B
Babicka => 6688193 B
DefaultAppPool => 0 B

RecycleBin => 608418820 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 23:26:11 ====

Bylo smazáno. Ještě bych doporučil kompletní sken MBAM: http://www.malwarebytes.org/mbam.php . Dejte log, předem nic nemažte.

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 11.09.17
Čas skenování: 21:28
Logovací soubor: 69189af0-9727-11e7-8e45-001b21569a39.json
Správce: Ano

-Informace o softwaru-
Verze: 3.2.2.2018
Verze komponentů: 1.0.188
Aktualizovat verzi balíku komponent: 1.0.2777
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 15063.540)
CPU: x86
Systém souborů: NTFS
Uživatel: Babicka-PC\Babicka

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 320658
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 5 min, 26 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

PC by již měl být čistý.

VIRY.CZ

Zaneradeny PC od deti a babicky :P

Zaneradeny PC od deti a babicky :P

Re: Zaneradeny PC od deti a babicky :P

Re: Zaneradeny PC od deti a babicky :P

Re: Zaneradeny PC od deti a babicky :P

Re: Zaneradeny PC od deti a babicky :P

Re: Zaneradeny PC od deti a babicky :P

Re: Zaneradeny PC od deti a babicky :P

Re: Zaneradeny PC od deti a babicky :P

Re: Zaneradeny PC od deti a babicky :P

Re: Zaneradeny PC od deti a babicky :P