VIRY.CZ

Zdravím Vás

Prosím o pomoc
Sestra sa na mňa obrátila s prosbou o pomoc s NTB. Čo som vedel, to som urobil, avšak neviem čo mám ďalej robiť. V PC sa nachádza Avira Launcher, ktorý neviem odstrániť, PC mi hlási problém s nekompatibilným ovládačom "Tages" plus nejaká háveď spôsobila, že sa PC nemôže pripojiť na net (pripojí , ale žiaden prístup na internet)

Prikladám LOG FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by Tomáš (administrator) on TOMAS-PC (30-01-2018 11:39:10)
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available Profiles: Tomáš)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Tomáš\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Malwarebytes) D:\PrgramFilesPersonal\Anti-Malware\MBAMService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Malwarebytes) D:\PrgramFilesPersonal\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CnxtCoInstallerDefer] => C:\Program Files\CONEXANT\PREINSTALL\SETUP58525B6D0\KESLYN.EXE [1574528 2010-12-15] (Conexant Systems, Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-19] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Security\egui.exe [4148664 2014-04-04] (ESET)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-07-14] (Apple Inc.)
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7704168 2017-12-19] (Lavasoft)
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\Run: [WarThunderLauncher] => D:\Users\Mirka\Hry\WarThunder\launcher.exe [5975632 2017-12-21] (Gaijin Entertainment)
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\Run: [Spotify] => C:\Users\Tomáš\AppData\Roaming\Spotify\Spotify.exe [21099408 2018-01-24] (Spotify Ltd)
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\Run: [Spotify Web Helper] => C:\Users\Tomáš\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-24] (Spotify Ltd)
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\MountPoints2: {4c29dd96-80d9-11e7-90da-74de2b1bde5b} - E:\autorun.exe
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\MountPoints2: {9b00ceca-8025-11e7-b75c-74de2b1bde5b} - H:\autorun.exe
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\MountPoints2: {a52677cf-ca87-11e6-b074-74de2b1bde5b} - E:\autorun.exe
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Internet Explorer:
==================
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> c:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird
FF Extension: (ESET Endpoint Security Extension) - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird [2018-01-30] [Legacy] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default [2018-01-30]
CHR Extension: (Prezentácie) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-19]
CHR Extension: (Dokumenty) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]
CHR Extension: (Disk Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-23]
CHR Extension: (YouTube) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-23]
CHR Extension: (FileSafer Content Network) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\eloaifmmfmaieffoehmmomhgpfahgbdj [2018-01-11]
CHR Extension: (Tabuľky) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-12-28]
CHR Extension: (Short Alias for URL) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpbddolnlinjapikkahabileeflbeapg [2017-01-02]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-24]
CHR Extension: (Trustnav safe search) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig [2017-12-16]
CHR Extension: (Marble) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijhebjoppbkfocoeceijgihihgckeool [2017-10-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-25]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-01-11]
CHR Extension: (Gmail) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-23]
CHR Extension: (Chrome Media Router) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-15]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.) [File not signed]
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-11-21] ()
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe [42048 2014-04-04] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [1029704 2014-04-04] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [191368 2014-04-04] (ESET)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-28] (Realsil Microelectronics Inc.) [File not signed]
R2 MBAMService; D:\PrgramFilesPersonal\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [7987104 2017-04-10] (INCA Internet Co., Ltd.)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [740544 2015-11-01] (@ByELDI) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-09-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2017-08-11] ()
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-12-25] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-12-25] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [219696 2014-04-10] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [185224 2013-09-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [155896 2013-09-09] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [198096 2013-09-09] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [40512 2013-09-09] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [59064 2013-09-09] (ESET)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2017-05-26] ()
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-30] (Malwarebytes)
S1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102576 2015-07-22] ()
S1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25904 2015-07-22] ()
S1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [701232 2015-07-22] ()
U3 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-30 11:39 - 2018-01-30 11:39 - 000014085 _____ C:\Users\Tomáš\Desktop\FRST.txt
2018-01-30 11:38 - 2018-01-30 11:39 - 000000000 ____D C:\FRST
2018-01-30 11:37 - 2018-01-30 11:30 - 002393088 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2018-01-30 11:28 - 2018-01-30 11:28 - 000015327 _____ C:\Users\Tomáš\Desktop\LM.bat
2018-01-30 11:27 - 2018-01-30 11:28 - 000029696 _____ C:\Users\Tomáš\AppData\Local\MSGBOX.EXE
2018-01-30 11:27 - 2018-01-30 11:26 - 000112640 _____ (forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher.exe
2018-01-30 11:20 - 2018-01-30 11:20 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\ESET
2018-01-30 11:20 - 2018-01-30 11:20 - 000000000 ____D C:\Users\Tomáš\AppData\Local\ESET
2018-01-30 11:18 - 2018-01-30 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-01-30 11:18 - 2018-01-30 11:18 - 000000000 ____D C:\ProgramData\ESET
2018-01-30 11:18 - 2018-01-30 11:18 - 000000000 ____D C:\Program Files\ESET
2018-01-30 10:49 - 2018-01-30 11:05 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-01-30 10:48 - 2018-01-30 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-30 10:48 - 2018-01-30 10:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-30 10:48 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-01-30 10:37 - 2018-01-30 10:37 - 000003116 _____ C:\Windows\System32\Tasks\{37A4F2C7-C9BD-45D0-B587-6BE6AAC1908D}
2018-01-11 18:48 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2018-01-11 18:48 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2018-01-11 18:48 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2018-01-11 18:48 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2018-01-11 18:48 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2018-01-11 18:48 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2018-01-11 18:48 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2018-01-11 18:48 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2018-01-11 18:48 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2018-01-11 18:48 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2018-01-11 18:48 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2018-01-11 18:48 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2018-01-11 18:48 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2018-01-11 18:48 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2018-01-11 18:48 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2018-01-11 18:48 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2018-01-11 18:48 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2018-01-11 18:48 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2018-01-11 18:48 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2018-01-11 18:48 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2018-01-11 18:48 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2018-01-11 18:48 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2018-01-11 18:48 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2018-01-11 18:48 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2018-01-11 18:48 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2018-01-11 18:48 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2018-01-11 18:48 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2018-01-11 18:48 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2018-01-11 18:48 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2018-01-11 18:48 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2018-01-11 18:48 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2018-01-11 18:48 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2018-01-11 18:48 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2018-01-11 18:48 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2018-01-11 18:48 - 2008-10-10 04:52 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2018-01-11 18:48 - 2008-10-10 04:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2018-01-11 18:48 - 2008-10-10 04:52 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2018-01-11 18:48 - 2008-10-10 04:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2018-01-11 18:48 - 2008-10-10 04:52 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2018-01-11 18:48 - 2008-10-10 04:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2018-01-11 18:48 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2018-01-11 18:48 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2018-01-11 18:48 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2018-01-11 18:48 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2018-01-11 18:48 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2018-01-11 18:48 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2018-01-11 18:48 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2018-01-11 18:48 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2018-01-11 18:48 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2018-01-11 18:48 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2018-01-11 18:48 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2018-01-11 18:48 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2018-01-11 18:48 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2018-01-11 18:48 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2018-01-11 18:48 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2018-01-11 18:48 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2018-01-11 18:48 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2018-01-11 18:48 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2018-01-11 18:48 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2018-01-11 18:48 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2018-01-11 18:48 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2018-01-11 18:48 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2018-01-11 18:48 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2018-01-11 18:48 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2018-01-11 18:48 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2018-01-11 18:48 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2018-01-11 18:48 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2018-01-11 18:48 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2018-01-11 18:48 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2018-01-11 18:48 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2018-01-11 18:48 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2018-01-11 18:48 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2018-01-11 18:48 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2018-01-11 18:46 - 2018-01-11 21:06 - 000000000 ____D C:\Windows\SysWOW64\directx
2018-01-11 15:27 - 2018-01-11 19:01 - 000001126 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2018-01-11 13:57 - 2018-01-11 15:09 - 000000000 ____D C:\Users\Tomáš\Downloads\The Sims 4 [FitGirl Repack]
2018-01-11 13:30 - 2018-01-11 13:30 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Gaijin
2018-01-11 13:30 - 2018-01-11 13:30 - 000000000 ____D C:\ProgramData\Gaijin
2018-01-06 22:57 - 2018-01-30 11:17 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Spotify
2018-01-06 22:57 - 2018-01-30 11:09 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Spotify
2018-01-06 22:57 - 2018-01-06 22:57 - 000001805 _____ C:\Users\Tomáš\Desktop\Spotify.lnk
2018-01-06 22:57 - 2018-01-06 22:57 - 000001791 _____ C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-30 11:20 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-01-30 11:18 - 2009-07-14 05:45 - 000022928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-30 11:18 - 2009-07-14 05:45 - 000022928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-30 11:12 - 2009-07-14 06:13 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
2018-01-30 11:07 - 2017-02-26 16:06 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Skype
2018-01-30 11:03 - 2017-08-13 20:07 - 000000000 ____D C:\ProgramData\AVAST Software
2018-01-30 11:03 - 2017-03-05 17:45 - 000000000 ____D C:\ProgramData\McAfee
2018-01-30 11:03 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-30 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-01-30 10:41 - 2017-12-15 14:13 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Lavasoft
2018-01-30 10:41 - 2017-12-15 14:12 - 000000000 ____D C:\ProgramData\Lavasoft
2018-01-30 10:39 - 2017-05-26 21:30 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Seznam.cz
2018-01-30 10:34 - 2017-12-15 14:13 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Opera Software
2018-01-28 20:09 - 2017-12-15 14:12 - 000000000 ____D C:\Users\Tomáš\AppData\LocalLow\uTorrent
2018-01-28 20:09 - 2017-04-03 13:25 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\uTorrent
2018-01-17 22:03 - 2016-12-23 19:09 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-15 19:38 - 2017-12-15 14:13 - 000004070 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1513343611
2018-01-13 13:10 - 2017-02-21 18:42 - 000000000 ____D C:\Program Files (x86)\R.G. Mechanics
2018-01-11 18:49 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-01-09 11:31 - 2016-12-23 19:16 - 000002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-09 11:31 - 2016-12-23 19:16 - 000002155 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-06 23:06 - 2017-07-25 23:43 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-01-06 23:06 - 2017-07-25 23:41 - 000000000 ____D C:\ProgramData\Apple

==================== Files in the root of some directories =======

2017-08-16 00:52 - 2017-08-16 00:52 - 000154802 _____ () C:\Users\Tomáš\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2018-01-30 11:27 - 2018-01-30 11:28 - 000029696 _____ () C:\Users\Tomáš\AppData\Local\MSGBOX.EXE
2017-05-18 14:09 - 2017-05-18 14:09 - 000000000 _____ () C:\Users\Tomáš\AppData\Local\{A52F88FE-A038-4405-A304-939406EA1E25}
2017-12-03 23:02 - 2017-12-03 23:02 - 000000000 _____ () C:\Users\Tomáš\AppData\Local\{ED89B74D-4BBB-41D9-8399-5E6066930C61}

Some files in TEMP:
====================
2018-01-30 10:40 - 2018-01-06 15:21 - 001031928 _____ (McAfee, Inc.) C:\Users\Tomáš\AppData\Local\Temp\0312091517305235mcinst.exe
2017-11-02 16:02 - 2018-01-30 10:37 - 000534528 _____ () C:\Users\Tomáš\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-30 10:08

==================== End of FRST.txt ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Ďakujem za reakciu. Prikladám log z ADW:

# AdwCleaner 7.0.7.0 - Logfile created on Tue Jan 30 14:39:26 2018
# Updated on 2018/18/01 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKU\S-1-5-21-1093029579-126750160-4136681776-1000\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion
Deleted: [Value] - HKU\S-1-5-21-1093029579-126750160-4136681776-1000\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1609 B] - [2018/1/30 14:39:6]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Dejte nový log FRST.

LOG FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by Tomáš (administrator) on TOMAS-PC (30-01-2018 18:18:52)
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available Profiles: Tomáš)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Malwarebytes) D:\PrgramFilesPersonal\Anti-Malware\MBAMService.exe
(Malwarebytes) D:\PrgramFilesPersonal\Anti-Malware\mbamtray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Tomáš\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Tomáš\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Spotify Ltd) C:\Users\Tomáš\AppData\Roaming\Spotify\Spotify.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Spotify Ltd) C:\Users\Tomáš\AppData\Roaming\Spotify\Spotify.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Spotify Ltd) C:\Users\Tomáš\AppData\Roaming\Spotify\Spotify.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CnxtCoInstallerDefer] => C:\Program Files\CONEXANT\PREINSTALL\SETUP58525B6D0\KESLYN.EXE [1574528 2010-12-15] (Conexant Systems, Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-19] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Security\egui.exe [4148664 2014-04-04] (ESET)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-07-14] (Apple Inc.)
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\Run: [WarThunderLauncher] => D:\Users\Mirka\Hry\WarThunder\launcher.exe [5975632 2017-12-21] (Gaijin Entertainment)
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\Run: [Spotify] => C:\Users\Tomáš\AppData\Roaming\Spotify\Spotify.exe [21099408 2018-01-24] (Spotify Ltd)
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\Run: [Spotify Web Helper] => C:\Users\Tomáš\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-24] (Spotify Ltd)
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\MountPoints2: {4c29dd96-80d9-11e7-90da-74de2b1bde5b} - E:\autorun.exe
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\MountPoints2: {9b00ceca-8025-11e7-b75c-74de2b1bde5b} - H:\autorun.exe
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\MountPoints2: {a52677cf-ca87-11e6-b074-74de2b1bde5b} - E:\autorun.exe
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Internet Explorer:
==================
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> c:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird
FF Extension: (ESET Endpoint Security Extension) - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird [2018-01-30] [Legacy] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default [2018-01-30]
CHR Extension: (Prezentácie) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-19]
CHR Extension: (Dokumenty) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]
CHR Extension: (Disk Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-23]
CHR Extension: (YouTube) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-23]
CHR Extension: (FileSafer Content Network) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\eloaifmmfmaieffoehmmomhgpfahgbdj [2018-01-11]
CHR Extension: (Tabuľky) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-12-28]
CHR Extension: (Short Alias for URL) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpbddolnlinjapikkahabileeflbeapg [2017-01-02]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-24]
CHR Extension: (Trustnav safe search) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig [2017-12-16]
CHR Extension: (Marble) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijhebjoppbkfocoeceijgihihgckeool [2017-10-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-25]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-01-11]
CHR Extension: (Gmail) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-23]
CHR Extension: (Chrome Media Router) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-15]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.) [File not signed]
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-11-21] ()
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe [42048 2014-04-04] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [1029704 2014-04-04] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [191368 2014-04-04] (ESET)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-28] (Realsil Microelectronics Inc.) [File not signed]
R2 MBAMService; D:\PrgramFilesPersonal\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [7987104 2017-04-10] (INCA Internet Co., Ltd.)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [740544 2015-11-01] (@ByELDI) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-09-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2017-08-11] ()
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-12-25] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-12-25] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [219696 2014-04-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [185224 2013-09-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [155896 2013-09-09] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [198096 2013-09-09] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [40512 2013-09-09] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [59064 2013-09-09] (ESET)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2017-05-26] ()
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-30] (Malwarebytes)
S1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102576 2015-07-22] ()
S1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25904 2015-07-22] ()
S1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [701232 2015-07-22] ()
U3 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-30 15:37 - 2018-01-30 15:39 - 000000000 ____D C:\AdwCleaner
2018-01-30 15:37 - 2018-01-30 15:35 - 008206624 _____ (Malwarebytes) C:\Users\Tomáš\Desktop\adwcleaner_7.0.7.0.exe
2018-01-30 11:40 - 2018-01-30 11:40 - 000024898 _____ C:\Users\Tomáš\Desktop\Addition.txt
2018-01-30 11:39 - 2018-01-30 18:19 - 000014171 _____ C:\Users\Tomáš\Desktop\FRST.txt
2018-01-30 11:38 - 2018-01-30 18:18 - 000000000 ____D C:\FRST
2018-01-30 11:37 - 2018-01-30 11:30 - 002393088 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2018-01-30 11:28 - 2018-01-30 11:28 - 000015327 _____ C:\Users\Tomáš\Desktop\LM.bat
2018-01-30 11:27 - 2018-01-30 11:28 - 000029696 _____ C:\Users\Tomáš\AppData\Local\MSGBOX.EXE
2018-01-30 11:27 - 2018-01-30 11:26 - 000112640 _____ (forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher.exe
2018-01-30 11:20 - 2018-01-30 11:20 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\ESET
2018-01-30 11:20 - 2018-01-30 11:20 - 000000000 ____D C:\Users\Tomáš\AppData\Local\ESET
2018-01-30 11:18 - 2018-01-30 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-01-30 11:18 - 2018-01-30 11:18 - 000000000 ____D C:\ProgramData\ESET
2018-01-30 11:18 - 2018-01-30 11:18 - 000000000 ____D C:\Program Files\ESET
2018-01-30 10:49 - 2018-01-30 15:52 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-01-30 10:48 - 2018-01-30 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-30 10:48 - 2018-01-30 10:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-30 10:48 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-01-30 10:37 - 2018-01-30 10:37 - 000003116 _____ C:\Windows\System32\Tasks\{37A4F2C7-C9BD-45D0-B587-6BE6AAC1908D}
2018-01-11 18:48 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2018-01-11 18:48 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2018-01-11 18:48 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2018-01-11 18:48 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2018-01-11 18:48 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2018-01-11 18:48 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2018-01-11 18:48 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2018-01-11 18:48 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2018-01-11 18:48 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2018-01-11 18:48 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2018-01-11 18:48 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2018-01-11 18:48 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2018-01-11 18:48 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2018-01-11 18:48 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2018-01-11 18:48 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2018-01-11 18:48 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2018-01-11 18:48 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2018-01-11 18:48 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2018-01-11 18:48 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2018-01-11 18:48 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2018-01-11 18:48 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2018-01-11 18:48 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2018-01-11 18:48 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2018-01-11 18:48 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2018-01-11 18:48 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2018-01-11 18:48 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2018-01-11 18:48 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2018-01-11 18:48 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2018-01-11 18:48 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2018-01-11 18:48 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2018-01-11 18:48 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2018-01-11 18:48 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2018-01-11 18:48 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2018-01-11 18:48 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2018-01-11 18:48 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2018-01-11 18:48 - 2008-10-10 04:52 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2018-01-11 18:48 - 2008-10-10 04:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2018-01-11 18:48 - 2008-10-10 04:52 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2018-01-11 18:48 - 2008-10-10 04:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2018-01-11 18:48 - 2008-10-10 04:52 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2018-01-11 18:48 - 2008-10-10 04:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2018-01-11 18:48 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2018-01-11 18:48 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2018-01-11 18:48 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2018-01-11 18:48 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2018-01-11 18:48 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2018-01-11 18:48 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2018-01-11 18:48 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2018-01-11 18:48 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2018-01-11 18:48 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2018-01-11 18:48 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2018-01-11 18:48 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2018-01-11 18:48 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2018-01-11 18:48 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2018-01-11 18:48 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2018-01-11 18:48 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2018-01-11 18:48 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2018-01-11 18:48 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2018-01-11 18:48 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2018-01-11 18:48 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2018-01-11 18:48 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2018-01-11 18:48 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2018-01-11 18:48 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2018-01-11 18:48 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2018-01-11 18:48 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2018-01-11 18:48 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2018-01-11 18:48 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2018-01-11 18:48 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2018-01-11 18:48 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2018-01-11 18:48 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2018-01-11 18:48 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2018-01-11 18:48 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2018-01-11 18:48 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2018-01-11 18:48 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2018-01-11 18:46 - 2018-01-11 21:06 - 000000000 ____D C:\Windows\SysWOW64\directx
2018-01-11 15:27 - 2018-01-11 19:01 - 000001126 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2018-01-11 13:57 - 2018-01-11 15:09 - 000000000 ____D C:\Users\Tomáš\Downloads\The Sims 4 [FitGirl Repack]
2018-01-11 13:30 - 2018-01-11 13:30 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Gaijin
2018-01-11 13:30 - 2018-01-11 13:30 - 000000000 ____D C:\ProgramData\Gaijin
2018-01-06 22:57 - 2018-01-30 16:02 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Spotify
2018-01-06 22:57 - 2018-01-30 15:57 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Spotify
2018-01-06 22:57 - 2018-01-06 22:57 - 000001805 _____ C:\Users\Tomáš\Desktop\Spotify.lnk
2018-01-06 22:57 - 2018-01-06 22:57 - 000001791 _____ C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-30 16:06 - 2009-07-14 05:45 - 000022928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-30 16:06 - 2009-07-14 05:45 - 000022928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-30 15:59 - 2017-02-26 16:06 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Skype
2018-01-30 15:56 - 2009-07-14 06:13 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
2018-01-30 15:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-01-30 15:51 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-30 15:39 - 2017-12-15 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-01-30 11:03 - 2017-08-13 20:07 - 000000000 ____D C:\ProgramData\AVAST Software
2018-01-30 11:03 - 2017-03-05 17:45 - 000000000 ____D C:\ProgramData\McAfee
2018-01-30 10:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-01-30 10:41 - 2017-12-15 14:13 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Lavasoft
2018-01-30 10:41 - 2017-12-15 14:12 - 000000000 ____D C:\ProgramData\Lavasoft
2018-01-30 10:39 - 2017-05-26 21:30 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Seznam.cz
2018-01-30 10:34 - 2017-12-15 14:13 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Opera Software
2018-01-28 20:09 - 2017-12-15 14:12 - 000000000 ____D C:\Users\Tomáš\AppData\LocalLow\uTorrent
2018-01-28 20:09 - 2017-04-03 13:25 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\uTorrent
2018-01-17 22:03 - 2016-12-23 19:09 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-15 19:38 - 2017-12-15 14:13 - 000004070 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1513343611
2018-01-11 18:49 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-01-09 11:31 - 2016-12-23 19:16 - 000002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-09 11:31 - 2016-12-23 19:16 - 000002155 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-06 23:06 - 2017-07-25 23:43 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-01-06 23:06 - 2017-07-25 23:41 - 000000000 ____D C:\ProgramData\Apple

==================== Files in the root of some directories =======

2017-08-16 00:52 - 2017-08-16 00:52 - 000154802 _____ () C:\Users\Tomáš\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2018-01-30 11:27 - 2018-01-30 11:28 - 000029696 _____ () C:\Users\Tomáš\AppData\Local\MSGBOX.EXE
2017-05-18 14:09 - 2017-05-18 14:09 - 000000000 _____ () C:\Users\Tomáš\AppData\Local\{A52F88FE-A038-4405-A304-939406EA1E25}
2017-12-03 23:02 - 2017-12-03 23:02 - 000000000 _____ () C:\Users\Tomáš\AppData\Local\{ED89B74D-4BBB-41D9-8399-5E6066930C61}

Some files in TEMP:
====================
2017-11-02 16:02 - 2018-01-30 10:37 - 000534528 _____ () C:\Users\Tomáš\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-30 10:08

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\MountPoints2: {4c29dd96-80d9-11e7-90da-74de2b1bde5b} - E:\autorun.exe
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\MountPoints2: {9b00ceca-8025-11e7-b75c-74de2b1bde5b} - H:\autorun.exe
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\MountPoints2: {a52677cf-ca87-11e6-b074-74de2b1bde5b} - E:\autorun.exe
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
U3 aswbdisk; no ImagePath
C:\Users\Tomáš\AppData\Local\Temp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

FIXLOG FRST:

Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Tomáš (30-01-2018 18:43:21) Run:1
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available Profiles: Tomáš)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\MountPoints2: {4c29dd96-80d9-11e7-90da-74de2b1bde5b} - E:\autorun.exe
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\MountPoints2: {9b00ceca-8025-11e7-b75c-74de2b1bde5b} - H:\autorun.exe
HKU\S-1-5-21-1093029579-126750160-4136681776-1000\...\MountPoints2: {a52677cf-ca87-11e6-b074-74de2b1bde5b} - E:\autorun.exe
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
U3 aswbdisk; no ImagePath
C:\Users\Tom�\AppData\Local\Temp

EmptyTemp:
End
*****************

"HKU\S-1-5-21-1093029579-126750160-4136681776-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E" => removed successfully
"HKU\S-1-5-21-1093029579-126750160-4136681776-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4c29dd96-80d9-11e7-90da-74de2b1bde5b}" => removed successfully
HKLM\Software\Classes\CLSID\{4c29dd96-80d9-11e7-90da-74de2b1bde5b} => key not found
"HKU\S-1-5-21-1093029579-126750160-4136681776-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9b00ceca-8025-11e7-b75c-74de2b1bde5b}" => removed successfully
HKLM\Software\Classes\CLSID\{9b00ceca-8025-11e7-b75c-74de2b1bde5b} => key not found
"HKU\S-1-5-21-1093029579-126750160-4136681776-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a52677cf-ca87-11e6-b074-74de2b1bde5b}" => removed successfully
HKLM\Software\Classes\CLSID\{a52677cf-ca87-11e6-b074-74de2b1bde5b} => key not found
"HKLM\System\CurrentControlSet\Services\Avira.ServiceHost" => removed successfully
Avira.ServiceHost => service removed successfully
"HKLM\System\CurrentControlSet\Services\aswbdisk" => removed successfully
aswbdisk => service removed successfully
"C:\Users\Tom�\AppData\Local\Temp" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 46715833 B
Java, Flash, Steam htmlcache => 825 B
Windows/system/drivers => 259590953 B
Edge => 0 B
Chrome => 334201576 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 66356 B
LocalService => 0 B
NetworkService => 139304 B
Tomáš => 1133268254 B

RecycleBin => 5366658604 B
EmptyTemp: => 6.7 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 18:45:06 ====

Smazáno. Nastala nějaká změna?

Bohužiaľ Avira stále svieti a stále ju neviem žiadnym spôsobom dostať z PC. Wifi stále nefunguje, idem znova skúšať ovládače.

Avira není nainstalovaná, navíc jsem smazal službu, které ho spouští. Pokud se to stále objevuje, proveďte obnovu systému k datu, kdy korketně fungoval.

Avira je stále tam, aj ked nie je nainštalovaná. K súboru sa dostanem, ale ani násilné odstránenie mi nepomáha. Bod obnovy nemám k dispozícii. Takže, ostáva už asi len re-install WIN.

Ok.. Avira poletela tým najprimitívnejším spôsobom. Otvoril som umiestnenie súboru, a hneď po ukončení procesu som skúšal natvrdo vymazať .exe. Nakoľko sa automaticky spúšťala, podarilo sa mi to na asi 5ty pokus. Hlavné je, že je preč. (aspoň tak vyzerá)

OK. Jinak vše v pořádku?

NTB zase šlape. Nahodil som tam nový ESET s licenciou, cez HP podporu naštartoval net a v procesoch už nevidím žiadnu pliagu.

Ďakujem Vám veľmi pekne za pomoc

Rádo se stalo!

VIRY.CZ

Zavírený NTB, problém s pripojením na internet

Zavírený NTB, problém s pripojením na internet

Re: Zavírený NTB, problém s pripojením na internet

Re: Zavírený NTB, problém s pripojením na internet

Re: Zavírený NTB, problém s pripojením na internet

Re: Zavírený NTB, problém s pripojením na internet

Re: Zavírený NTB, problém s pripojením na internet

Re: Zavírený NTB, problém s pripojením na internet

Re: Zavírený NTB, problém s pripojením na internet

Re: Zavírený NTB, problém s pripojením na internet

Re: Zavírený NTB, problém s pripojením na internet

Re: Zavírený NTB, problém s pripojením na internet

Re: Zavírený NTB, problém s pripojením na internet

Re: Zavírený NTB, problém s pripojením na internet

Re: Zavírený NTB, problém s pripojením na internet

Re: Zavírený NTB, problém s pripojením na internet