VIRY.CZ

Dobrý den,

poprosíl bych o kontrolu logu, při zadání adresy seznam.cz v jakemkoliv prohlíženi, stránka nenajede.

Předem děkuji.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:50:49, on 6.2.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)


Boot mode: Normal

Running processes:
C:\Users\jura\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\jura\Downloads\HijackThis(2).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKCU\..\Run: [OneDrive] "C:\Users\jura\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - d:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9622 bytes

Zdravím!
Dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . HJT už má dávno po sezóně.

Děkuji za info. Posílam logy FRST+Addition.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by jura (07-02-2020 08:00:03)
Running from C:\Users\jura\Downloads
Windows 10 Pro Version 1909 18363.592 (X64) (2020-01-25 18:38:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2586349893-4068352233-4137309774-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2586349893-4068352233-4137309774-503 - Limited - Disabled)
Guest (S-1-5-21-2586349893-4068352233-4137309774-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2586349893-4068352233-4137309774-1002 - Limited - Enabled)
jura (S-1-5-21-2586349893-4068352233-4137309774-1000 - Administrator - Enabled) => C:\Users\jura
WDAGUtilityAccount (S-1-5-21-2586349893-4068352233-4137309774-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak (HKLM-x32\...\{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}) (Version: 9.0.0 - Adobe Systems)
Balíček ovladače systému Windows - Easy Jtag Team (easyjtag) Ports (05/05/2013 3.0.0) (HKLM\...\D3199AF0FF87BD7F606B2FFF57F0E683B679FB7C) (Version: 05/05/2013 3.0.0 - Easy Jtag Team)
Balíček ovladače systému Windows - Easy Jtag Team (qcusbser) Ports (20/02/2010 1.0.0000.0) (HKLM\...\1970F2D2C4D917591FD812F4E160DDB8B87765C8) (Version: 20/02/2010 1.0.0000.0 - Easy Jtag Team)
Balíček ovladače systému Windows - FTDI CDM Driver Package - Bus/D2XX Driver (04/10/2012 2.08.24) (HKLM\...\4C8545EEB6143B6AD3858B5D1E0AEE76040B1435) (Version: 04/10/2012 2.08.24 - FTDI)
Balíček ovladače systému Windows - FTDI CDM Driver Package - VCP Driver (04/10/2012 2.08.24) (HKLM\...\6849F67BACD4DA5A5B9D46803E6850D0BE8B3826) (Version: 04/10/2012 2.08.24 - FTDI)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Balíček ovladače systému Windows - LIBUSB (libusb0) LIBUSB Generic USB Devices (01/17/2012 1.2.6.0) (HKLM\...\BF45AE427E6661FF728D746150D4630E72CD2304) (Version: 01/17/2012 1.2.6.0 - LIBUSB)
Balíček ovladače systému Windows - libusb-win32 (libusb0) USB (01/18/2012 1.2.6.0) (HKLM\...\E7818806C41577F170D21B994A5D37A97B7FA478) (Version: 01/18/2012 1.2.6.0 - libusb-win32)
BST V3.37.00 (HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\BST) (Version: 3.37.00 - GsmBest Team)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{FD4A43CE-ABAE-4161-83AC-314A3C804F42}) (Version: 17.0.491 - Corel Corporation) Hidden
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.24.2 - Androxyde)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HUA TOOLS ALL-in-ONE SETUP (HKLM-x32\...\HUA TOOLS ALL-in-ONE SETUP1.0.9) (Version: 1.0.9 - HUA BOX TEAM)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3277 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Kingston SSD Manager version 1.0.1.3 (HKLM-x32\...\{9A5DD901-0B98-4F2B-9421-B5975014184F}_is1) (Version: 1.0.1.3 - Kingston Digital, Inc)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Mi PC Suite (HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\...\MiPhoneManager) (Version: - Xiaomi Inc.)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4 (HKLM-x32\...\{C5564379-582D-457A-9E68-A9E7C1F1C4EC}_is1) (Version: 1.4 - Sam Rodberg)
Minimal ADB and Fastboot version 1.4.2 (HKLM-x32\...\{1901BAF7-7E78-4041-BC88-D0EE5DD1DFD9}_is1) (Version: 1.4.2 - Sam Rodberg)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 72.0.2.7321 - Mozilla)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PL-2303 Driver Installer (HKLM-x32\...\{BF857869-C2B5-472E-93D5-41A46AF59653}) (Version: 15.0.0.162 - Macrovision Corporation)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.12.0 - Prolific Technology INC)
Qualcomm USB Drivers For Windows (HKLM-x32\...\{D9FB7F91-9687-4B09-894D-072903CADEA4}) (Version: 1.00.25 - QUALCOMM Incorporated)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.100.422.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
USB CCID Smartcard Reader - Version 1.2.1.2 (HKLM\...\{939913F9-F134-4E9E-B879-BE6755B69952}) (Version: 3.0.0.1 - USB CCID)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.0-git - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
WinTools.net 11.0.1 Professional (HKLM-x32\...\{727A7452-9B12-4E45-B29A-BFEFA2FF8A7E}_is1) (Version: - WinTools Software Engineering, Ltd.)
XiaoMiFlash (HKLM-x32\...\{9AF75396-D38E-4F07-831C-9F78923DC015}) (Version: 1.0.0 - XiaoMi)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-02-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-02-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2020-02-03] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2020-02-03] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2586349893-4068352233-4137309774-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\jura\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2586349893-4068352233-4137309774-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\jura\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2586349893-4068352233-4137309774-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2586349893-4068352233-4137309774-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\jura\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-02-10] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-02-10] () [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-04] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-02-10] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-02-10] () [File not signed]
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-04] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-02-10] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-02-10] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [101]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2020-02-04 12:31 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %C_EM64T_REDIST11%bin\Intel64;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\adb;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2586349893-4068352233-4137309774-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.254.2 - 109.81.246.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

Network Binding:
=============
Připojení k místní síti: HTC NDIS Protocol Driver -> MS_NDISPROT (disabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:55.26 GB) (Free:32.94 GB) (60%)

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (02/07/2020 07:04:24 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4980,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/07/2020 06:53:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5296,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/07/2020 06:38:32 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3536,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/07/2020 05:53:11 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8512,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/06/2020 12:51:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2648,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/06/2020 12:39:33 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5624,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/06/2020 12:01:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10180,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/06/2020 11:01:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3684,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (02/07/2020 07:56:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba MessagingService_305bd byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (02/07/2020 07:53:54 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba MessagingService_31601 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (02/07/2020 07:53:25 AM) (Source: DCOM) (EventID: 10010) (User: jura-PC)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/07/2020 05:43:10 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_22b41f byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (02/06/2020 12:29:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_39b73 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (02/06/2020 12:29:41 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (11:41:57, ‎06.‎02.‎2020) bylo neočekávané.

Error: (02/06/2020 12:29:34 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.

Error: (02/06/2020 05:42:06 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_3cf8e byla ukončena s následující chybou:
Zařízení není připraveno.


Windows Defender:
===================================
Date: 2020-01-31 12:14:42.872
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {01E66843-6824-4A10-938F-5C56E02BA493}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-31 07:28:00.663
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {63842F57-3754-4A1F-80DB-7F0DDE092E17}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-28 16:45:51.559
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!plock
ID: 2147723626
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmBest Team\BST\BST.lnk; file:_C:\Users\jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GsmBest Team\BST\BST.lnk; file:_D:\bst\Launcher.exe; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmBest Team\BST\BST.lnk; startup:_C:\Users\jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GsmBest Team\BST\BST.lnk
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: jura-PC\jura
Název procesu: C:\Windows\System32\RuntimeBroker.exe
Verze bezpečnostních informací: AV: 1.307.3172.0, AS: 1.307.3172.0, NIS: 1.307.3172.0
Verze modulu: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2020-01-28 16:45:30.555
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!plock
ID: 2147723626
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\bst\Launcher.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: jura-PC\jura
Název procesu: C:\Windows\System32\RuntimeBroker.exe
Verze bezpečnostních informací: AV: 1.307.3172.0, AS: 1.307.3172.0, NIS: 1.307.3172.0
Verze modulu: AM: 1.1.16600.7, NIS: 1.1.16600.7

CodeIntegrity:
===================================

Date: 2020-02-06 05:55:47.122
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-06 05:55:47.100
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-06 05:55:47.078
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-06 05:55:47.015
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-06 05:55:47.010
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-06 05:55:47.002
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-06 05:55:46.280
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-06 05:55:46.174
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V10.11 10/18/2013
Motherboard: MSI H61M-P32/W8 (MS-7788)
Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 60%
Total physical RAM: 3982.84 MB
Available physical RAM: 1563.29 MB
Total Virtual: 8078.84 MB
Available Virtual: 5612.26 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:55.26 GB) (Free:32.95 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:803.26 GB) NTFS

\\?\Volume{1d10cbda-88b6-11e6-8d93-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{f21af21a-0000-0000-0000-f0d60d000000}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1A181735)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 55.9 GB) (Disk ID: F21AF21A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=55.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=552 MB) - (Type=27)

==================== End of Addition.txt =======================

Ještě soubor FRST

Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-10-2020
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete IFEO
[+] Delete Tracing Keys
[+] Reset Hosts File
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1569 octets] - [04/02/2020 06:21:57]
AdwCleaner[C00].txt - [1701 octets] - [04/02/2020 06:22:35]
AdwCleaner[S01].txt - [1527 octets] - [04/02/2020 06:25:02]
AdwCleaner[S02].txt - [1588 octets] - [04/02/2020 06:57:00]
AdwCleaner[C02].txt - [1778 octets] - [04/02/2020 06:58:09]
AdwCleaner[S03].txt - [1710 octets] - [04/02/2020 10:44:01]
AdwCleaner[C03].txt - [1900 octets] - [04/02/2020 10:44:17]
AdwCleaner_Debug.log - [30601 octets] - [04/02/2020 12:30:41]
AdwCleaner[S04].txt - [1894 octets] - [04/02/2020 12:30:59]
AdwCleaner[C04].txt - [2175 octets] - [04/02/2020 12:31:08]
AdwCleaner[S05].txt - [2068 octets] - [10/02/2020 07:15:15]
AdwCleaner[C05].txt - [2329 octets] - [10/02/2020 07:15:24]
AdwCleaner[S06].txt - [2139 octets] - [10/02/2020 07:19:30]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C06].txt ##########

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2586349893-4068352233-4137309774-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\jura\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2586349893-4068352233-4137309774-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\jura\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2586349893-4068352233-4137309774-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2586349893-4068352233-4137309774-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\jura\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [101]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GsmBest Team\BST\BST.lnk
D:\bst\Launcher.exe
Task: {21A415BB-2DCB-4AC4-B491-34702616F0FD} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {A9DB4145-C270-4EDF-8258-B1B3A8A32681} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
S2 MBAMInstallerService; C:\Users\jura\AppData\Local\Temp\MBAMInstallerService.exe [5225688 2020-02-07] (Malwarebytes Inc -> Malwarebytes) <==== ATTENTION
U3 idsvc; no ImagePath
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
C:\Users\jura\AppData\Roaming\Microsoft\Windows 7 Crack - serial register.vbs

EmptyTemp:
End

Uložte do C:\Users\jura\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Posílám Log.

Díky

OK. Potřebuji ale vidět obsah souboru fixlog.txt. Máte ho v C:\Users\jura\Downloads.

Omlouvám se.

OK. Nastala nějaká změna?

Pořád je to stejné, dám načíst stránku seznam.cz a nic se nestane. Pokud dám například https://login.szn.cz/, tak se vše zobrazí, ale čistě seznam.cz ne.

Na zkoušku vypněte antivir a firewall a pak to zkuste znovu.

Žádná změna,stále nefunguje.

Pokud se tam dostanete, zkuste tento postup: https://napoveda.seznam.cz/cz/email/chy ... -zobrazit/ .